CVE-2024-10411 | SourceCodester Online Hotel Reservation System 1.0 controller.php id sql injection

Inserito da Angelo Barbosa | Ott 26, 2024 | CVE

A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of the file /marimar/admin/mod_room/controller.php. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-10411. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-10411 | SourceCodester Online Hotel Reservation System 1.0 controller.php id sql injection

Post correlati

CVE-2024-1813 | Simple Job Board Plugin up to 2.11.0 on WordPress Job Application Form code injection

CVE-2024-7792 | SourceCodester Task Progress Tracker 1.0 delete-task.php task sql injection

CVE-2024-8137 | SourceCodester Record Management System 1.0 search_user.php search cross site scripting

CVE-2023-6772 | OTCMS 7.01 /admin/ind_backstage.php sqlContent sql injection