A vulnerability categorized as problematic has been discovered in kaifangqian kaifangqian-base up to 7b3faecda13848b3ced6c17c7423b76c5b47b8ab. This issue affects the function getAllUsers of the file kaifangqian-parent/kaifangqian-system/src/main/java/com/kaifangqian/modules/system/controller/SysUserController.java. The manipulation results in information disclosure.
This vulnerability is reported as CVE-2025-11406. The attack can be launched remotely. Moreover, an exploit is present.
This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. It has been rated as critical. This vulnerability affects unknown code of the file /del_tax.php. The manipulation of the argument ID leads to sql injection.
This vulnerability is documented as CVE-2025-11405. The attack can be initiated remotely. Additionally, an exploit exists.
A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. It has been declared as critical. This affects an unknown part of the file /pages/save_tax.php. Executing manipulation of the argument percentage can lead to sql injection.
This vulnerability is registered as CVE-2025-11404. It is possible to launch the attack remotely. Furthermore, an exploit is available.
A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. It has been classified as critical. Affected by this issue is some unknown functionality of the file /del_booking.php. Performing manipulation of the argument ID results in sql injection.
This vulnerability is cataloged as CVE-2025-11403. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /del_curr.php. Such manipulation of the argument ID leads to sql injection.
This vulnerability is listed as CVE-2025-11402. The attack may be performed from remote. In addition, an exploit is available.
A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0 and classified as critical. Affected is an unknown function of the file /pages/save_curr.php. This manipulation of the argument currcode causes sql injection.
This vulnerability is tracked as CVE-2025-11401. The attack is possible to be carried out remotely. Moreover, an exploit is present.
A vulnerability, which was classified as critical, was found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /del_room.php. The manipulation of the argument ID results in sql injection.
This vulnerability is identified as CVE-2025-11400. The attack can be executed remotely. Additionally, an exploit exists.
A vulnerability, which was classified as critical, has been found in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /pages/save_room.php. The manipulation of the argument floorno leads to sql injection.
This vulnerability is referenced as CVE-2025-11399. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
A vulnerability classified as critical was found in SourceCodester Hotel and Lodge Management System 1.0. The impacted element is an unknown function of the file /profile.php of the component Profile Page. Executing manipulation of the argument image can lead to unrestricted upload.
The identification of this vulnerability is CVE-2025-11398. The attack may be launched remotely. Furthermore, there is an exploit available.