| Title | code-projects Simple Online Hotel Reservation System 2.0 SQL Injection |
|---|
| Description | In the add_account.php file of Simple Online Hotel Reservation System, theuser name parameter is obtained, and the SQL statement is concatenated to the SQL statement without filtering the execution, resulting in SQL injection vulnerabilities and server permissions |
|---|
| Source | ⚠️ https://github.com/asd1238525/cve/blob/main/SQL10.md |
|---|
| User | yunlin (UID 79129) |
|---|
| Submission | 10/17/2025 12:33 (8 months ago) |
|---|
| Moderation | 11/01/2025 16:58 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 330889 [code-projects Simple Online Hotel Reservation System 2.0 /admin/add_account.php Name sql injection] |
|---|
| Points | 18 |
|---|