PT-2024-30011 · Unknown · Hotel Management System

Topsky979 · Published 2024-08-20 · Updated 2024-08-23 · CVE-2024-42552

CVSS v3.1

8.6 High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Name of the Vulnerable Software and Affected Versions

Hotel Management System version 91caab8

Description

A SQL injection vulnerability was discovered in the Hotel Management System via the book id parameter at the "admin room history.php" endpoint. This issue allows for potential unauthenticated remote exploitation. Administrators should review logs for signs of compromise.

Recommendations

For Hotel Management System version 91caab8, consider disabling access to the "admin room history.php" endpoint until a patch is available. Restrict the use of the book id parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2024-42552

Affected Products

Hotel Management System