📦 Simple Online Hotel Reservation System

by Fabian

🔍 What is Simple Online Hotel Reservation System?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2025-13169

HIGH CVSS 7.3 Nov 14, 2025

CVE-2025-13169 is an SQL injection vulnerability in Simple Online Hotel Reservation System 1.0 that allows remote attackers to execute arbitrary SQL commands via the room_id parameter in /add_query_re...

CVE-2025-13170

HIGH CVSS 7.3 Nov 14, 2025

CVE-2025-13170 is an SQL injection vulnerability in Simple Online Hotel Reservation System 1.0 that allows attackers to manipulate database queries via the admin_id parameter in /admin/edit_account.ph...

CVE-2025-6451

HIGH CVSS 7.3 Jun 22, 2025

This critical SQL injection vulnerability in Simple Online Hotel Reservation System 1.0 allows remote attackers to execute arbitrary SQL commands via the transaction_id parameter in /admin/delete_pend...

CVE-2025-6449

HIGH CVSS 7.3 Jun 22, 2025

This critical SQL injection vulnerability in Simple Online Hotel Reservation System 1.0 allows attackers to manipulate database queries via the transaction_id parameter in /admin/checkout_query.php. R...

CVE-2025-6448

HIGH CVSS 7.3 Jun 22, 2025

CVE-2025-6448 is a critical SQL injection vulnerability in Simple Online Hotel Reservation System 1.0 that allows remote attackers to execute arbitrary SQL commands via the room_id parameter in /admin...

CVE-2025-6420

HIGH CVSS 7.3 Jun 21, 2025

This critical SQL injection vulnerability in Simple Online Hotel Reservation System 1.0 allows remote attackers to execute arbitrary SQL commands via the room_type parameter in /admin/add_room.php. Th...

CVE-2025-6418

HIGH CVSS 7.3 Jun 21, 2025

This critical SQL injection vulnerability in Simple Online Hotel Reservation System 1.0 allows attackers to manipulate database queries through the Name parameter in /admin/edit_query_account.php. Att...

CVE-2025-6394

HIGH CVSS 7.3 Jun 21, 2025

This critical SQL injection vulnerability in Simple Online Hotel Reservation System 1.0 allows remote attackers to execute arbitrary SQL commands via the 'firstname' parameter in /add_reserve.php. Thi...

CVE-2025-12594

MEDIUM CVSS 4.7 Nov 2, 2025

This SQL injection vulnerability in Simple Online Hotel Reservation System 2.0 allows attackers to manipulate database queries through the Name parameter in /admin/add_account.php. Attackers can poten...

CVE-2023-1561

MEDIUM CVSS 6.3 Mar 22, 2023

This critical vulnerability in Simple Online Hotel Reservation System 1.0 allows attackers to upload arbitrary files without restrictions via the add_room.php file. This can lead to remote code execut...