| Title | itsourcecode Free Hotel Reservation System V1.0 Unrestricted Upload |
|---|
| Description | During the security review of the "Free Hotel Reservation System", a critical file upload vulnerability was identified in the file "/admin/mod_amenities/index.php?view=add". This vulnerability arises because the backend fails to validate both the file extension and the content of uploaded files. Attackers can exploit this to upload PHP files and perform malicious actions such as command execution. Immediate remediation measures are required to ensure system security and data integrity. |
|---|
| Source | ⚠️ https://github.com/bybinyu/Vulnerability-Practice/issues/4 |
|---|
| User | binyu (UID 96262) |
|---|
| Submission | 03/10/2026 15:21 (1 month ago) |
|---|
| Moderation | 03/26/2026 07:09 (16 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 353558 [itsourcecode Free Hotel Reservation System 1.0 index.php?view=add image unrestricted upload] |
|---|
| Points | 20 |
|---|