| عنوان | SourceCodester Online Hotel Reservation System 1.0 SQL Injection |
|---|
| الوصف | During a security assessment of the *Online Hotel Reservation System In PHP With Source Code*, a critical SQL injection vulnerability was identified in the updateabout.php file. The flaw arises from insufficient validation of the address parameter, which is directly embedded into SQL queries. Exploitation of this flaw allows unauthenticated attackers to inject arbitrary SQL statements, gain access to sensitive data, escalate privileges, and potentially gain control of the application environment. Immediate remediation is strongly advised to mitigate the risk of exploitation. |
|---|
| المصدر | ⚠️ https://github.com/YoSheep/cve/blob/main/Online%20Hotel%20Reservation%20System%20In%20PHP%20With%20Source%20Code%20-%20SQL%20Injection%20in%20updateabout.php.md |
|---|
| المستخدم | YoSheep (UID 88465) |
|---|
| ارسال | 25/08/2025 08:44 AM (10 أشهر منذ) |
|---|
| الاعتدال | 01/09/2025 12:08 PM (7 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 322105 [SourceCodester Hotel Reservation System 1.0 /admin/updateabout.php address حقن SQL] |
|---|
| النقاط | 20 |
|---|