PT-2025-49413 · Alokjaiswal · Hotel-Management-Services-Using-Mysql-And-Php
0202H
·
Published
2025-12-07
·
Updated
2025-12-11
·
CVE-2025-14200
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
alokjaiswal Hotel-Management-services-using-MYSQL-and-php versions prior to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f
Description
A cross site scripting issue exists in alokjaiswal Hotel-Management-services-using-MYSQL-and-php. The issue is located in the
/usersub.php file within the Request Pending Page component, affecting an unknown function. The attack can be initiated remotely. The exploit has been publicly disclosed. The product utilizes a rolling release model, and no specific version details for affected or updated releases are available. The vendor was contacted regarding this disclosure but did not respond.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XSS
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hotel-Management-Services-Using-Mysql-And-Php