CVE-2026-3800 | SourceCodester/janobe Resort Reservation System 1.0 controller.php?action=add doInsert image unrestricted upload

Inserito da Angelo Barbosa | Mar 8, 2026 | CVE

A vulnerability was found in SourceCodester/janobe Resort Reservation System 1.0 and classified as critical. Affected is the function doInsert of the file /controller.php?action=add. Such manipulation of the argument image leads to unrestricted upload.

This vulnerability is documented as CVE-2026-3800. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-3800 | SourceCodester/janobe Resort Reservation System 1.0 controller.php?action=add doInsert image unrestricted upload

Post correlati

CVE-2024-6007 | Netentsec NS-ASG Application Security Gateway 6.3 deleteiscgwrouteconf.php messagecontent sql injection

CVE-2024-2956 | Simple Ajax Chat Plugin up to 20231101 on WordPress cross site scripting

CVE-2025-15456 | bg5sbk MiniCMS up to 1.8 Publish Page /mc-admin/page-edit.php improper authentication

CVE-2023-45594 | AiLux imx6 up to 1.0.7-1 file access