Zhicat

#7589of 53,634
36.2Total CVSS
Vulnerabilities · 4
High
3
Critical
1
PT-2025-40961
8.8
2025-10-07
Code Projects · Online Hotel Reservation System · CVE-2025-11351
**Name of the Vulnerable Software and Affected Versions** code-projects Online Hotel Reservation System version 1.0 **Description** A flaw exists in code-projects Online Hotel Reservation System 1.0 that allows for unrestricted file uploads. The issue is located in the file `/admin/editpicexec.php` within an unknown function, and is triggered by manipulating the `image` argument. Remote exploitation is possible, and the exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-40962
8.8
2025-10-07
Code Projects · Online Hotel Reservation System · CVE-2025-11352
**Name of the Vulnerable Software and Affected Versions** code-projects Online Hotel Reservation System version 1.0 **Description** A security issue exists in code-projects Online Hotel Reservation System 1.0. The manipulation of the `image` argument in the file `/admin/addexec.php` allows for unrestricted file uploads. This can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-40964
8.8
2025-10-07
Code Projects · Online Hotel Reservation System · CVE-2025-11353
**Name of the Vulnerable Software and Affected Versions** Online Hotel Reservation System version 1.0 **Description** A flaw exists in Online Hotel Reservation System version 1.0 that allows for unrestricted file upload. This is possible through manipulation of the `image` argument in the `/admin/addgalleryexec.php` file. The attack can be carried out remotely. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-40965
9.8
2025-10-07
Code Projects · Online Hotel Reservation System · CVE-2025-11354
**Name of the Vulnerable Software and Affected Versions** code-projects Online Hotel Reservation System version 1.0 **Description** A flaw exists that allows for unrestricted file upload. The issue is located in the `/admin/addslideexec.php` file, specifically through manipulation of the `image` argument. This can be exploited remotely. The exploit has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.