CVE Details
Basic Information
| Title | SourceCodester Online Hotel Reservation System deleteroom.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-08-02T17:32:06.652Z |
| Modified | 2025-08-02T17:32:06.652Z |
Product Information
| Vendor | SourceCodester |
|---|---|
| Product | Online Hotel Reservation System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability was discovered in SourceCodester’s Online Hotel Reservation System, specifically in the deleteroom.php file. This vulnerability allows remote attackers to inject malicious SQL code, potentially leading to unauthorized data access or modification. |
|---|---|
| AI Severity | Medium |
| AI Vendor | SourceCodester |
| AI Product | Online Hotel Reservation System |
| AI Version | 1.0 |
Affected Products
- SourceCodester Online Hotel Reservation System 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /admin/deleteroom.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.