tramyardg

3 exploits Active since Oct 2021
CVE-2021-41651 WRITEUP HIGH WRITEUP
Hotel Management System - Blind SQL Injection via cid Parameter in process_update_profile.php
A blind SQL injection vulnerability exists in the Raymart DG / Ahmed Helal Hotel-mgmt-system. A malicious attacker can retrieve sensitive database information and interact with the database using the vulnerable cid parameter in process_update_profile.php.
CVSS 7.5
CVE-2022-27475 WRITEUP MEDIUM WRITEUP
hotel_management_system - Stored Cross-Site Scripting in /admin.php
Cross site scripting (XSS) vulnerability in tramyardg hotel-mgmt-system, allows attackers to execute arbitrary code when when /admin.php is loaded.
CVSS 6.1
CVE-2022-36254 WRITEUP MEDIUM WORKING POC
Tramyardg Hotel Management System 1.0 - XSS
Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname".
CVSS 5.4