| Title | tushar-2223 Hotel Management System Up to commit (including) bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15 SQL Injection |
|---|
| Description | A SQL Injection vulnerability has been identified in tushar-2223 Hotel-Management-System up to commit bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. The vulnerability allows an authenticated remote attacker to execute arbitrary SQL commands via crafted POST requests during the room reservation process.
Vulnerable file: home.php (tushar-2223/Hotel-Management-System/home.php), Line: 179, "INSERT INTO roombook" Query
Suggested CVSS
High 8.8 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
|---|
| Source | ⚠️ https://github.com/Stolichnayer/SQLi-Hotel-Management-System |
|---|
| User | alexperrakis (UID 85369) |
|---|
| Submission | 02/01/2026 17:56 (3 months ago) |
|---|
| Moderation | 02/15/2026 17:23 (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 346162 [tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15 HTTP POST Request /home.php Name/Email sql injection] |
|---|
| Points | 20 |
|---|