Vulnerabilities (CVE)

Filtered by vendor Bestsoftinc Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-15535 1 Bestsoftinc 1 Car Rental System 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in the bestsoftinc Car Rental System plugin through 1.3 for WordPress. Persistent XSS can occur via any of the registration fields.
CVE-2017-20125 1 Bestsoftinc 1 Online Hotel Booking System 2024-11-21 7.5 HIGH 6.3 MEDIUM
A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected by this vulnerability is an unknown functionality of the file /roomtype-details.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2017-20124 1 Bestsoftinc 1 Online Hotel Booking System 2024-11-21 6.5 MEDIUM 6.3 MEDIUM
A vulnerability classified as critical has been found in Online Hotel Booking System Pro Plugin 1.0. Affected is an unknown function of the file /front/roomtype-details.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2014-4035 1 Bestsoftinc 1 Advance Hotel Booking System 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in booking_details.php in Best Soft Inc. (BSI) Advance Hotel Booking System 2.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
CVE-2010-4814 1 Bestsoftinc 1 Advance Hotel Booking System 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Advance Hotel Booking System 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.