Unknown · Hotel Management System · CVE-2025-14207
**Name of the Vulnerable Software and Affected Versions**
tushar-2223 Hotel-Management-System (affected versions not specified)
**Description**
A SQL injection issue exists in the Hotel-Management-System. The issue is located in an unknown function within the `/admin/invoiceprint.php` file. Manipulating the `ID` argument can trigger the injection. This can be initiated remotely. The exploit is publicly available.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.