Zzzhe

Name of the Vulnerable Software and Affected Versions itsourcecode Free Hotel Reservation System version 1.0 Description A security flaw exists in itsourcecode Free Hotel Reservation System 1.0. The vulnerability is located in unknown code within the `/hotel/admin/login.php` file, specifically within the Parameter Handler component. Manipulation of the `email` argument can lead to SQL injection. The attack can be launched remotely, and an exploit has been publicly released. Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `/hotel/admin/login.php` file.