HoyaAm/cve-hoya
GitHub
Releases0
During the security review of "Responsive Hotel Site", discovered a critical SQL injection vulnerability in the "/admin/roomdel.php" file. This vulnerability stems from insufficient user input validation of the 'id' parameter, allowing attackers to inject malicious SQL queries.
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 4.7 MEDIUM | 5.8 MEDIUM | ||
A flaw has been found in code-projects Responsive Hotel Site 1.0. This affects an unknown part of the file /admin/roomdel.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. | |||