| Title | HOTEL_MANAGEMENT_SYSTEM stack overflow in edit function v1.0 Buffer Overflow |
|---|
| Description | The `edit()` function contains **two critical buffer overflow vulnerabilities** due to unsafe usage of:
1. `scanf("%[^\n]", roomnumber)` (no length restriction)
2. `gets(s.roomnumber)` (deprecated and highly unsafe)
An attacker can exploit these to **overwrite adjacent memory**, leading to **arbitrary code execution (RCE)** or **program crash (DoS)**.
|
|---|
| Source | ⚠️ https://github.com/zzzxc643/cve/blob/main/HOTEL_MANAGEMENT_SYSTEM.md |
|---|
| User | zzzxc (UID 81185) |
|---|
| Submission | 04/29/2025 07:25 AM (1 month ago) |
|---|
| Moderation | 05/09/2025 02:44 PM (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 308216 [code-projects Hotel Management System 1.0 Edit Room edit roomnumber stack-based overflow] |
|---|
| Points | 19 |
|---|