| Titre | code-projects Simple Online Hotel Reservation System 2.0 SQL Injection |
|---|
| Description | In the add_account.php file of Simple Online Hotel Reservation System, theuser name parameter is obtained, and the SQL statement is concatenated to the SQL statement without filtering the execution, resulting in SQL injection vulnerabilities and server permissions |
|---|
| La source | ⚠️ https://github.com/asd1238525/cve/blob/main/SQL10.md |
|---|
| Utilisateur | yunlin (UID 79129) |
|---|
| Soumission | 17/10/2025 12:33 (il y a 8 mois) |
|---|
| Modérer | 01/11/2025 16:58 (15 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 330889 [code-projects Simple Online Hotel Reservation System 2.0 /admin/add_account.php Nom injection SQL] |
|---|
| Points | 18 |
|---|