A SQL injection vulnerability exists in Projectworlds Online Hotel Booking System version 1.0, a hotel online booking system from Projectworlds, Inc. The vulnerability stems from a lack of validation of the roomname parameter against external input SQL statements. An attacker could use this vulnerability to perform a sql injection attack.
CPE | Name | Operator | Version |
---|---|---|---|
projectworlds online hotel booking system | eq | 1.0 |