SQL Injection Vulnerability in Hotel Management System by Unknown Vendor
CVE-2024-42556

Currently unrated

Key Information:

Vendor: Unknown Vendor
Status: Hotel Management System
Vendor: CVE Published:; 20 August 2024

🔔 Create Unknown Vendor Vulnerability Alert

What is CVE-2024-42556?

A vulnerability was identified in the Hotel Management System that allows for SQL injection through the room_type parameter in the admin_room_removed.php file. This flaw can be exploited by an attacker to manipulate database queries, potentially leading to unauthorized data access or data manipulation. It is critical for users of the Hotel Management System to review their implementations for this vulnerability and apply necessary security measures.

References

https://gist.github.com/topsky979/9688bcdd3e05ba79ebf4ff1...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 20, 2024
Vulnerability Reserved
Aug 5, 2024