High severity7.3NVD Advisory· Published Mar 8, 2026· Updated Apr 29, 2026
CVE-2026-3730
CVE-2026-3730
Description
A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/mod_amenities/index.php?view=edit. Performing a manipulation of the argument amen_id/rmtype_id results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.
Affected products
1- cpe:2.3:a:itsourcecode:free_hotel_reservation_system:1.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- github.com/anon387tdug/anon387/issues/1nvdExploitIssue TrackingMitigationThird Party Advisory
- github.com/yihaofuweng/cve/issues/62nvdExploitIssue TrackingMitigationThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- itsourcecode.comnvdProduct
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.