PT-2026-55800 · Code Projects · Hotel/Tourism Reservation
Anubhav106
·
Published
2026-07-05
·
Updated
2026-07-05
·
CVE-2026-14754
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. Affected is an unknown function of the file /admin/add room.php. Executing a manipulation of the argument delete image/edit/description/number/price/rooms/type can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used.
Exploit
Fix
SQL injection
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hotel/Tourism Reservation