CVE-2025-12594 | code-projects Simple Online Hotel Reservation System 2.0 /admin/add_account.php Name sql injection

Inserito da Angelo Barbosa | Nov 1, 2025 | CVE

A vulnerability described as critical has been identified in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/add_account.php. The manipulation of the argument Name results in sql injection.

This vulnerability was named CVE-2025-12594. The attack may be performed from remote. In addition, an exploit is available.

CVE-2025-12594 | code-projects Simple Online Hotel Reservation System 2.0 /admin/add_account.php Name sql injection

Post correlati

CVE-2023-7202 | Fatal Error Notify Plugin up to 1.5.2 on WordPress Test Error authorization

CVE-2025-47268 | iputils up to 20240905 ping integer overflow

CVE-2024-1500 | Royal Elementor Addons and Templates Plugin up to 1.3.91 on WordPress Logo Widget cross site scripting

CVE-2024-39302 | BigBlueButton up to 2.6.17/2.7.7/3.0.0-alpha6 resque-2.6.0 privileges management (GHSA-5966-9hw8-q96q)