Name of the Vulnerable Software and Affected Versions:

Campcodes Online Hotel Reservation System version 1.0

Description:

A critical issue exists in Campcodes Online Hotel Reservation System that allows for unrestricted file upload. The vulnerability is located in the `/admin/edit room.php` file, where manipulation of the `photo` argument enables malicious uploads. This issue can be exploited remotely. The exploit has been publicly disclosed.

Recommendations:

As a temporary workaround, restrict access to the `/admin/edit room.php` file to minimize the risk of exploitation.