CVE-2026-2553

Name of the Vulnerable Software and Affected Versions tushar-2223 Hotel-Management-System versions up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15

Description A security flaw exists in tushar-2223 Hotel-Management-System. The issue is related to SQL injection within the HTTP POST Request Handler component, specifically affecting the file /home.php. Manipulation of the Name/Email argument can trigger the injection. This attack can be initiated remotely. The exploit has been publicly released. Continuous delivery with rolling releases is used, and no specific version details for affected or updated releases are available. The vendor was contacted but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.