CVE-2019-25748 | Cmsjunkie JHotelReservation 6.0.7 search-hotels Endpoint rooms sql injection (Exploit 46234 / EDB-46234)

Inserito da Angelo Barbosa | Giu 19, 2026 | CVE

A vulnerability marked as critical has been reported in Cmsjunkie JHotelReservation 6.0.7. Affected by this issue is some unknown functionality of the component search-hotels Endpoint. This manipulation of the argument rooms causes sql injection.

The identification of this vulnerability is CVE-2019-25748. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2019-25748 | Cmsjunkie JHotelReservation 6.0.7 search-hotels Endpoint rooms sql injection (Exploit 46234 / EDB-46234)

Post correlati

CVE-2023-29495 | Intel NUC BIOS prior IN0048 input validation (intel-sa-01009)

CVE-2024-0610 | Piraeus Bank WooCommerce Payment Gateway up to 1.6.5.1 on WordPress sql injection

CVE-2025-41061 | appRain CMF 4.0.5 uploadify data[Addon][layouts]/data[Addon][layouts_except] cross site scripting

CVE-2023-42766 | Intel NUC 8 Compute Element BIOS input validation (intel-sa-01028)