CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-18102

Cross Site Scripting (XSS) in Hotels_Server v1.0 allows remote attackers to execute arbitrary code by injecting crafted commands the data fields in the component "/controller/publishHotel.php".

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.9%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://github.com/FantasticLBP/Hotels_Server/issues/3
https://github.com/FantasticLBP/Hotels_Server/issues/3

Products affected by CVE-2020-18102

Hotels Server Project » Hotels Server » Version: 1.0

cpe:2.3:a:hotels_server_project:hotels_server:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-18102

Products

Pricing

Contact Us