CVE-2024-10411 | SourceCodester Online Hotel Reservation System 1.0 controller.php id sql injection

Posted by Angelo Barbosa | Oct 26, 2024 | CVE

A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of the file /marimar/admin/mod_room/controller.php. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-10411. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-10411 | SourceCodester Online Hotel Reservation System 1.0 controller.php id sql injection

Related Posts

CVE-2024-1148 | OpenText PVCS Version Manager prior 8.6.3.3 improper authentication

CVE-2023-52162 | Mercusys MW325R EU V3 1.11.0 Build 221019 stack-based overflow

CVE-2022-3399 | Cookie Notice & Compliance for GDPR CCPA Plugin up to 2.4.17.1 on WordPress cross site scripting

CVE-2023-44250 | Fortinet FortiOS/FortiProxy up to 7.4.1 HA Request privileges management (FG-IR-23-315)