2 matches found
CVE-2025-63949
A Reflected Cross-Site Scripting XSS vulnerability in yohanawi Hotel Management System commit 87e004a allows a remote attacker to execute arbitrary web script via the 'error' parameter in pages/room.php...
CVE-2025-63949
CVE-2025-63949 describes a reflected XSS in the yohanawi Hotel Management System. All connected documents identify the vulnerability as caused by an unfiltered input in the error parameter of the pages/room.php endpoint, with the commit noted as 87e004a. The impact is remote code execution of arb...