CVE-2026-7506 SourceCodester Hotel Management System check sql injection

A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of the argument roomtype leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

PT-2026-36211

Name of the Vulnerable Software and Affected Versions SourceCodester Hotel Management System version 1.0 Description An issue exists in the '/index.php/reservation/check' endpoint where manipulation of the room type argument allows for SQL injection, which is a technique used to interfere with th...

CVE-2025-11471

A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /editcustomer.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

CVE-2025-11405

A vulnerability was identified in SourceCodester Hotel and Lodge Management System 1.0. This vulnerability affects unknown code of the file /deltax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...

CVE-2025-11401

A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /pages/savecurr.php. This manipulation of the argument currcode causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and ma...

CVE-2025-11398

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The impacted element is an unknown function of the file /profile.php of the component Profile Page. Executing manipulation of the argument image can lead to unrestricted upload. The attack may be launched...

CVE-2025-11474 SourceCodester Hotel and Lodge Management System edit_booking.php sql injection

A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbooking.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-11472

A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /editroom.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2025-11473

CVE-2025-11473 affects SourceCodester Hotel and Lodge Management System 1.0, with the vulnerable component in the file /edit_curr.php where improper handling of the currsymbol parameter enables SQL injection. The vulnerability is described as remotely exploitable, with public exploit information ...

CVE-2025-11472

CVE-2025-11472 affects SourceCodester Hotel and Lodge Management System 1.0. The vulnerability is a SQL injection in the /edit_room.php script caused by improper handling of the ID parameter, enabling remote exploitation. Exploit unreliable/unconfirmed details are not provided beyond the claim th...

CVE-2025-11471

The CVE-2025-11471 entry affects SourceCodester Hotel and Lodge Management System 1.0, specifically the file /edit_customer.php where manipulating the ID parameter enables SQL injection. Root cause: improper handling of user-supplied ID leads to a SQL injection vulnerability. Impact, as described...

CVE-2025-11470

A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System up to 1.0. The impacted element is an unknown function of the file /managewebsite.php. The manipulation of the argument websiteimage/backloginimage leads to unrestricted upload. The attack is possible t...

CVE-2025-11469

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/savecustomer.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-11469 SourceCodester Hotel and Lodge Management System save_customer.php sql injection

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/savecustomer.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has...

CVE-2025-11469 SourceCodester Hotel and Lodge Management System save_customer.php sql injection

A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/savecustomer.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has...

PT-2025-41251

Name of the Vulnerable Software and Affected Versions SourceCodester Hotel and Lodge Management System version 1.0 Description A flaw exists in SourceCodester Hotel and Lodge Management System 1.0, specifically within the /edit booking.php file. Manipulation of the Name argument can lead to a SQL...

PT-2025-41243

Name of the Vulnerable Software and Affected Versions SourceCodester Hotel and Lodge Management System version 1.0 Description A security issue exists in SourceCodester Hotel and Lodge Management System version 1.0. The issue allows for unrestricted file upload through manipulation of the website...

SourceCodester Hotel and Lodge Management System SQL注入漏洞

SourceCodester Hotel and Lodge Management System is SourceCodester open source hotel and lodge management system. A SQL injection vulnerability exists in SourceCodester Hotel and Lodge Management System version 1.0, which stems from an incorrect manipulation of the parameter Name in the file...

PT-2025-41250

Name of the Vulnerable Software and Affected Versions SourceCodester Hotel and Lodge Management System version 1.0 Description A flaw exists in SourceCodester Hotel and Lodge Management System 1.0, specifically within the /edit curr.php file. Manipulation of the currsymbol argument can lead to a...

CVE-2025-11405

A vulnerability was identified in SourceCodester Hotel and Lodge Management System 1.0. This vulnerability affects unknown code of the file /deltax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...