VYPR

Hotel And Tourism Reservation System Authentication Bypass

by Xmyronn

Source repositories

CVEs (2)

  • CVE-2026-10288HigJun 1, 2026
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function password_verify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is…

  • CVE-2026-10289MedJun 1, 2026
    risk 0.28cvss 4.3epss 0.00

    A security flaw has been discovered in code-projects Hotel and Tourism Reservation System 1.0. Impacted is an unknown function of the file /ht/tour.php. Performing a manipulation of the argument name /email /people /number results in cross site scripting. The attack can be…