| 제목 | SourceCodester Online Hotel Reservation System 1.0 SQL Injection |
|---|
| 설명 | During a security assessment of the *Online Hotel Reservation System In PHP With Source Code*, a critical SQL injection vulnerability was identified in the edituser.php file. The flaw arises from insufficient validation of the userid parameter, which is directly embedded into SQL queries. Exploitation of this flaw allows unauthenticated attackers to inject arbitrary SQL statements, gain access to sensitive data, escalate privileges, and potentially gain control of the application environment. Immediate remediation is strongly advised to mitigate the risk of exploitation. |
|---|
| 원천 | ⚠️ https://github.com/YoSheep/cve/blob/main/Online%20Hotel%20Reservation%20System%20In%20PHP%20With%20Source%20Code%20-%20SQL%20Injection%20in%20edituser.php.md |
|---|
| 사용자 | YoSheep (UID 88465) |
|---|
| 제출 | 2025. 08. 25. AM 07:34 (10 개월 ago) |
|---|
| 모더레이션 | 2025. 09. 01. PM 12:04 (7 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 322104 [SourceCodester Online Hotel Reservation System 1.0 /admin/edituser.php userid SQL 주입] |
|---|
| 포인트들 | 20 |
|---|