Buffer Overflow Vulnerability in Simple Hotel Booking System by SourceCodester
CVE-2025-3728

7.8HIGH

Key Information:

Vendor: SourceCodester
Status: Simple Hotel Booking System
Vendor: CVE Published:; 16 April 2025

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2025-3728?

The Simple Hotel Booking System version 1.0 from SourceCodester is affected by a buffer overflow vulnerability in its login function. This security flaw arises from improper handling of the username input, allowing local attackers to exploit the system. By manipulating the input argument 'uname', an attacker may trigger this vulnerability, potentially leading to unauthorized access or execution of arbitrary code. The exploit has been publicly disclosed, increasing the urgency for users to address this issue.

References

https://github.com/eeeee-vul/CVE/issues/3

https://vuldb.com/?ctiid.305074

https://vuldb.com/?id.305074

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 16, 2025