A vulnerability was found in itsourcecode Online Hotel Management System 1.0. It has been classified as critical. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection.
This vulnerability is listed as CVE-2026-14688. The attack may be initiated remotely. In addition, an exploit is available.