CVE-2025-11400 SourceCodester Hotel and Lodge Management System del_room.php sql injection

A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /delroom.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

CVE-2025-11400

SourceCodester Hotel and Lodge Management System 1.0 contains a SQL injection vulnerability in the /del_room.php endpoint triggered by manipulating the ID parameter. The CVE-2025-11400 entries indicate remote exploitation with publicly available exploits. The issue is documented with multiple ven...

PT-2025-41134

Name of the Vulnerable Software and Affected Versions SourceCodester Hotel and Lodge Management System version 1.0 Description A flaw exists in SourceCodester Hotel and Lodge Management System 1.0, specifically within the file /del room.php. Manipulation of the ID argument can lead to SQL...

CVE-2025-10788

A vulnerability was determined in SourceCodester Online Hotel Reservation System 1.0. The affected element is an unknown function of the file deleteroominventory.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been...

Simple Online Hotel Reservation System delete_room.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter roomid in the file...

CVE-2025-6448

A vulnerability has been found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/deleteroom.php. The manipulation of the argument roomid leads to sql injection. The attack can be...

CVE-2025-6448

CVE-2025-6448 applies to code-projects Simple Online Hotel Reservation System 1.0. The vulnerability is in the file /admin/delete_room.php where the argument/parameter room_id is unsafely handled, leading to a SQL injection. It is described as exploitable remotely, with exploit information public...

Code-Projects Simple Online Hotel Reservation System 注入漏洞

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter roomid in the file...

CVE-2023-27255

Unauthenticated SQL injection in the DeleteRoomChanges method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...

CVE-2024-42774

An Incorrect Access Control vulnerability was found in /admin/deleteroom.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to delete valid hotel room entries in the administrator section...

CVE-2024-42774

An Incorrect Access Control vulnerability was found in /admin/deleteroom.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to delete valid hotel room entries in the administrator section...

CVE-2024-42768

A Cross-Site Request Forgery CSRF vulnerability was found in Kashipara Hotel Management System v1.0 via /admin/deleteroom.php...

CVE-2024-42768

A Cross-Site Request Forgery CSRF vulnerability was found in Kashipara Hotel Management System v1.0 via /admin/deleteroom.php...

CVE-2024-42768

A Cross-Site Request Forgery CSRF vulnerability was found in Kashipara Hotel Management System v1.0 via /admin/deleteroom.php...

PT-2024-30145 · Unknown · Kashipara Hotel Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Hotel Management System version 1.0 Description: An Incorrect Access Control issue was found in the /admin/delete room.php endpoint, allowing an unauthenticated attacker to delete valid hotel room entries in the administrator sectio...

PT-2024-30138 · Unknown · Kashipara Hotel Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Hotel Management System version 1.0 Description: A Cross-Site Request Forgery CSRF issue was found in the system via the "/admin/delete room.php" API endpoint. This allows an attacker to perform unauthorized actions on the system...

Kashipara Hotel Management System 安全漏洞

Kashipara Hotel Management System is a hotel management system from Kashipara. An access control error vulnerability exists in Kashipara Hotel Management System v1.0, which can be exploited by an unauthenticated attacker to delete valid hotel room entries in the administrator section...

CVE-2023-27255

Unauthenticated SQL injection in the DeleteRoomChanges method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...

IDAttend IDWeb SQL Injection Vulnerability

IDAttend IDWeb is a web-based module from IDAttend, Inc. A security vulnerability exists in IDAttend IDWeb version 3.1.052 and prior versions that stems from an unauthenticated SQL injection in the DeleteRoomChanges method...

CVE-2022-32350

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=deleteroomtype...