{"id":7146,"date":"2025-06-22T00:39:43","date_gmt":"2025-06-22T00:39:43","guid":{"rendered":"http:\/\/localhost\/?p=7146"},"modified":"2025-06-22T00:39:43","modified_gmt":"2025-06-22T00:39:43","slug":"code-projects-online-hotel-reservation-system-execedituserphp-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7146","title":{"rendered":"code-projects Online Hotel Reservation System execedituser.php sql injection"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\ncode-projects Online Hotel Reservation System execedituser.php sql injection<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-22T04:31:06.736Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\ncode-projects<\/td>\n<\/tr>\n
Product<\/th>\nOnline Hotel Reservation System<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n6.9 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA SQL injection vulnerability in the code-projects Online Hotel Reservation System 1.0 allows remote attackers to inject malicious SQL code via the userid argument in execedituser.php. This could lead to unauthorized data access or modification. The vulnerability is considered critical and has been publicly disclosed.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\ncode-projects<\/td>\n<\/tr>\n
Product<\/th>\nOnline Hotel Reservation System<\/td>\n<\/tr>\n
Affected Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n