CVE-2025-1964 | projectworlds Online Hotel Booking 1.0 booknow.php?roomname=Duplex checkin sql injection

Posted by Angelo Barbosa | Mar 4, 2025 | CVE

A vulnerability was found in projectworlds Online Hotel Booking 1.0. It has been rated as critical. This issue affects some unknown processing of the file /booknow.php?roomname=Duplex. The manipulation of the argument checkin leads to sql injection.

The identification of this vulnerability is CVE-2025-1964. The attack may be initiated remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well.

CVE-2025-1964 | projectworlds Online Hotel Booking 1.0 booknow.php?roomname=Duplex checkin sql injection

Related Posts

CVE-2023-40279 | OpenClinic GA 5.247.01 main.do Page path traversal

CVE-2024-13348 | Smart Agenda Plugin up to 4.7 on WordPress cross-site request forgery

CVE-2024-45368 | AutomationDirect DirectLogic H2-DM1E up to 2.8.0 session fixiation (icsa-24-256-17)

CVE-2024-34809 | Extend Themes EmpowerWP Plugin up to 1.0.21 on WordPress cross-site request forgery