| タイトル | itsourcecode Free Hotel Reservation System V1.0 SQL Injection |
|---|
| 説明 | During the security review of the "Free Hotel Reservation System", a critical SQL injection vulnerability was discovered in the file /admin/mod_room/index.php?view=edit&id=1. This vulnerability is due to insufficient validation of the user‑supplied idparameter, which allows an attacker to inject malicious SQL queries. As a result, the attacker can gain unauthorized access to the database, modify or delete data, and retrieve sensitive information. Immediate remedial action is required to ensure system security and data integrity. |
|---|
| ソース | ⚠️ https://github.com/bybinyu/Vulnerability-Practice/issues/8 |
|---|
| ユーザー | binyu (UID 96262) |
|---|
| 送信 | 2026年03月11日 16:06 (18 日 ago) |
|---|
| モデレーション | 2026年03月27日 09:27 (16 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 353843 [itsourcecode Free Hotel Reservation System 1.0 index.php?view=edit 識別子 SQLインジェクション] |
|---|
| ポイント | 20 |
|---|