2 matches found
CVE-2026-14754
The CVE covers code-projects Hotel and Tourism Reservation 1.0, where the /admin/add_room.php function is vulnerable. Manipulating the arguments delete_image, edit/description, number, price, rooms, or type can trigger an SQL injection. The attack can be launched remotely, and a public exploit ha...
CVE-2023-1561
A vulnerability, which was classified as critical, was found in code-projects Simple Online Hotel Reservation System 1.0. Affected is an unknown function of the file addroom.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. VDB-223554 is the...