CVE Details
Basic Information
| Title | SourceCodester Online Hotel Reservation System execeditroom.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-20T17:00:10.035Z |
| Last Seen |
Product Information
| Vendor | SourceCodester |
|---|---|
| Product | Online Hotel Reservation System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A SQL injection vulnerability in SourceCodester’s Online Hotel Reservation System version 1.0 allows remote attackers to inject malicious SQL code via the userid argument in execeditroom.php, potentially leading to unauthorized data access and manipulation. |
|---|---|
| AI Severity | High |
| Vendor | SourceCodester |
| Product | Online Hotel Reservation System |
| Affected Version | 1.0 |
Affected Products
- SourceCodester Online Hotel Reservation System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability has been found in SourceCodester Online Hotel Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/execeditroom.php. The manipulation of the argument userid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.