PT-2026-45554 · Code Projects · Hotel/Tourism Reservation System

Imad Alvi

Publicado

2026-06-01

Atualizado

2026-06-01

CVE-2026-10289

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

A security flaw has been discovered in code-projects Hotel and Tourism Reservation System 1.0. Impacted is an unknown function of the file /ht/tour.php. Performing a manipulation of the argument name /email /people /number results in cross site scripting. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.

Exploit

Correção

Code Injection

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94CWE-79

Identificadores relacionados

CVE-2026-10289

Produtos afetados

Hotel/Tourism Reservation System

PT-2026-45554 · Code Projects · Hotel/Tourism Reservation System

CVE-2026-10289

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7