GCVE - cpe:2.3:a:amttgroup:hotel_broadband_operation

Approved changes feed: RSS · Atom

cpe:2.3:a:amttgroup:hotel_broadband_operation_system:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Amttgroup (`bb2468c9-5945-5780-8c49-434d93ec02cf`)
Product	Hotel Broadband Operation System (`b0553742-5ffb-5b2e-a084-f2bc0acfb3d5`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-41476`	vulnerable	2026-06-08 06:43:54.545928	Details available AMTT Hotel Broadband Operation System (HiBOS) V3.0.3.151204 and before is vulnerable to SQL Injection via /manager/card/card_detail.php. Published: 2024-08-09T00:00:00.000Z Updated: 2024-08-10T14:37:22.044Z Open on db.gcve.eu Reference links https://www.amttgroup.com/ https://gist.github.com/lidy4x1/3314fbd82c3d72831c16f9c47a9bfb11	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-11051`	vulnerable	2026-06-08 06:23:48.587224	AMTT Hotel Broadband Operation System online_status.php sql injection MEDIUM (6.3) A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/online_status.php. The manipulation of the argument AccountID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2024-11-10T07:31:06.746Z Updated: 2024-11-12T15:32:54.172Z Open on db.gcve.eu Reference links https://vuldb.com/?id.283794 https://vuldb.com/?ctiid.283794 https://vuldb.com/?submit.432691 https://wiki.shikangsi.com/post/share/ab8e6804-5c8e-442b-8a37-c6b376bcc86f	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-11050`	vulnerable	2026-06-08 06:23:48.583310	AMTT Hotel Broadband Operation System language.php cross site scripting LOW (3.5) A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204 and classified as problematic. This issue affects some unknown processing of the file /language.php. The manipulation of the argument LangID/LangName/LangEName leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2024-11-10T07:00:17.242Z Updated: 2024-11-12T15:36:35.242Z Open on db.gcve.eu Reference links https://vuldb.com/?id.283793 https://vuldb.com/?ctiid.283793 https://vuldb.com/?submit.432690 https://wiki.shikangsi.com/post/share/ba791f6d-7f63-494f-bd73-827ed7f26e2e	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Hotel Broadband Operation System

PURL mappings

Vulnerability references

Contribute