itsourcecode Free Hotel Reservation System index.php unrestricted upload_CVE-2026-4875

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/mod_amenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

Basic Information

ID CVE-2026-4875

Source VulDB

Published Mar 26, 2026 at 12:23

Modified Mar 28, 2026 at 02:17

Affected Product

Vendor itsourcecode

Product Free Hotel Reservation System

Version 1.0

Affected Versions itsourcecode Free Hotel Reservation System 1.0

CWE Classification

CWE-434 CWE-284

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/mod_amenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.",
    "published": "2026-03-26T12:23:31.296Z",
    "modified": "2026-03-28T02:17:22.840Z",
    "type": "cve",
    "title": "itsourcecode Free Hotel Reservation System index.php unrestricted upload",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.353558\nhttps://vuldb.com/?ctiid.353558\nhttps://vuldb.com/?submit.776245\nhttps://github.com/bybinyu/Vulnerability-Practice/issues/4\nhttps://itsourcecode.com/",
    "id": "CVE-2026-4875",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434",
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "itsourcecode Free Hotel Reservation System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Free Hotel Reservation System",
    "version": "1.0",
    "vendor": "itsourcecode",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}