CVE-2026-7697

Name of the Vulnerable Software and Affected Versions AMTT Hotel Broadband Operation System version 1.0

Description An issue exists in the file '/manager/card/cardhand submit.php' where manipulation of the ID argument allows for SQL injection, which is a technique used to interfere with the queries that an application makes to its database. This allows for remote exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the file '/manager/card/cardhand submit.php' to minimize the risk of exploitation.