CVE-2025-11399

A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /pages/saveroom.php. The manipulation of the argument floorno leads to sql injection. Remote exploitation of the attack is possible. The exploit has bee...

CVE-2025-11474 SourceCodester Hotel and Lodge Management System edit_booking.php sql injection

A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbooking.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-11405 SourceCodester Hotel and Lodge Management System del_tax.php sql injection

A vulnerability was identified in SourceCodester Hotel and Lodge Management System 1.0. This vulnerability affects unknown code of the file /deltax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...

CVE-2025-11404

SourceCodester Hotel and Lodge Management System 1.0 is affected by CVE-2025-11404 due to an SQL injection in the /pages/save_tax.php file, caused by improper handling of the percentage parameter. An attacker can remotely exploit this vulnerability, and public disclosures exist. The vulnerability...

CVE-2025-11401 SourceCodester Hotel and Lodge Management System save_curr.php sql injection

A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /pages/savecurr.php. This manipulation of the argument currcode causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and ma...