Fantasticlbp Hotels Server vulnerabilities
4 known vulnerabilities affecting fantasticlbp/hotels_server.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-15127P2CRITICALCVSS 9.8≤ 2019-03-23v67b44df162fab26df209bd5d5d542875fcbec1d02025-12-28
CVE-2025-15127 [CRITICAL] CWE-74 CVE-2025-15127: A security vulnerability has been detected in FantasticLBP Hotels_Server up to 67b44df162fab26df209b
A security vulnerability has been detected in FantasticLBP Hotels_Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/api/Room.php. Such manipulation of the argument hotelId leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publ
nvd
CVE-2025-14711P3CRITICALCVSS 9.8≤ 2019-03-23v67b44df162fab26df209bd5d5d542875fcbec1d02025-12-15
CVE-2025-14711 [CRITICAL] CWE-74 CVE-2025-14711: A flaw has been found in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0.
A flaw has been found in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. This vulnerability affects unknown code of the file /controller/api/hotelList.php. This manipulation of the argument pickedHotelName/type causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may b
nvd
CVE-2025-14710P3CRITICALCVSS 9.8≤ 2019-03-23v67b44df162fab26df209bd5d5d542875fcbec1d02025-12-15
CVE-2025-14710 [CRITICAL] CWE-74 CVE-2025-14710: A vulnerability was detected in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcb
A vulnerability was detected in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. This affects an unknown part of the file /controller/api/OrderList.php. The manipulation of the argument telephone results in sql injection. The attack can be executed remotely. The exploit is now public and may be used. This product implement
nvd
CVE-2025-13208P3MEDIUMCVSS 6.3v67b44df162fab26df209bd5d5d542875fcbec1d02025-11-15
CVE-2025-13208 [MEDIUM] CWE-74 CVE-2025-13208: A security flaw has been discovered in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d54
A security flaw has been discovered in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. The impacted element is an unknown function of the file controller/api/hotelList.php. The manipulation of the argument subjectId/cityName results in sql injection. The attack can be executed remotely. The exploit has been released to the
nvd