CVE-2022-48090

Name of the Vulnerable Software and Affected Versions Tramyardg hotel-mgmt-system version 2022.4

Description The issue concerns SQL Injection, which can be exploited via the /app/dao/CustomerDAO.php endpoint. This allows for potential unauthorized access or manipulation of data. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For Tramyardg hotel-mgmt-system version 2022.4, consider restricting access to the /app/dao/CustomerDAO.php endpoint until a patch is available. Additionally, review and modify the code to properly sanitize and validate user input to prevent SQL Injection attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.