Buffer Overflow Vulnerability in Simple Hotel Booking System by SourceCodester
CVE-2025-3728

5.3MEDIUM

Key Information:

Vendor: SourceCodester
Status: Simple Hotel Booking System
Vendor: CVE Published:; 16 April 2025

Summary

The Simple Hotel Booking System version 1.0 from SourceCodester is affected by a buffer overflow vulnerability in its login function. This security flaw arises from improper handling of the username input, allowing local attackers to exploit the system. By manipulating the input argument 'uname', an attacker may trigger this vulnerability, potentially leading to unauthorized access or execution of arbitrary code. The exploit has been publicly disclosed, increasing the urgency for users to address this issue.

References

https://github.com/eeeee-vul/CVE/issues/3

https://vuldb.com/?ctiid.305074

https://vuldb.com/?id.305074

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 16, 2025