Homey Bnb (airbnb Clone Script) CVEs and Security Vulnerabilities

Export limit exceeded: 335431 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (6 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2019-25489	1 Doditsolutions	1 Homey Bnb (airbnb Clone Script)	2026-03-02	8.2 High
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the hosting_id parameter. Attackers can send GET requests to the rooms/ajax_refresh_subtotal endpoint with malicious hosting_id values to extract sensitive database information or cause denial of service.
CVE-2019-25490	1 Doditsolutions	1 Homey Bnb (airbnb Clone Script)	2026-03-02	8.2 High
Homey BNB V4 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' parameter. Attackers can send GET requests to the admin/edit.php endpoint with time-based SQL injection payloads to extract sensitive database information.
CVE-2019-25491	1 Doditsolutions	1 Homey Bnb (airbnb Clone Script)	2026-03-02	8.2 High
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requests to the admin/cms_getpagetitle.php endpoint with malicious catid values to extract sensitive database information.
CVE-2019-25492	1 Doditsolutions	1 Homey Bnb (airbnb Clone Script)	2026-03-02	8.2 High
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pt' parameter. Attackers can send GET requests to the admin/getcmsdata.php endpoint with malicious 'pt' values to extract sensitive database information.
CVE-2019-25493	1 Doditsolutions	1 Homey Bnb (airbnb Clone Script)	2026-03-02	8.2 High
Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'val' parameter. Attackers can send GET requests to the admin/getrecord.php endpoint with malicious 'val' values to extract sensitive database information.
CVE-2019-25494	1 Doditsolutions	1 Homey Bnb (airbnb Clone Script)	2026-03-02	8.2 High
Homey BNB V4 contains an SQL injection vulnerability in the administration panel login that allows unauthenticated attackers to bypass authentication by injecting SQL syntax into username and password fields. Attackers can submit SQL operators like '=' 'or' in both credentials to manipulate the authentication query and gain unauthorized access to the admin panel.

Page 1 of 1.