| Title | arnobt78 Hotel Booking Management System 1 Information Disclosure |
|---|
| Description | The Hotel Booking Management System exposes a detailed health check endpoint /api/health/detailed that returns extensive system information without requiring authentication.
This information can be leveraged by attackers for reconnaissance, targeted exploitation, and infrastructure mapping.
|
|---|
| Source | ⚠️ https://github.com/sudo-secure/security-research/blob/main/Hotel-Booking-Management-System/sensitive-information-disclosure/PoC.md |
|---|
| User | sudosme (UID 96548) |
|---|
| Submission | 03/24/2026 16:10 (24 days ago) |
|---|
| Moderation | 04/17/2026 09:24 (24 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 358036 [arnobt78 Hotel Booking Management System up to f8922d0e0f6ac1cc761974c7616f44c2bbc04bea Health Check Endpoint /api/health/detailed information disclosure] |
|---|
| Points | 17 |
|---|