VYPR

Hotel Management PHP

by TREXNEGRO

Source repositories

CVEs (2)

  • CVE-2025-65132MedApr 14, 2026
    risk 0.40cvss 6.1epss 0.00

    alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting (XSS) in /public/admin/edit_room.php which allows an attacker to inject and execute arbitrary JavaScript via the room_id GET parameter.

  • CVE-2023-49272MedDec 20, 2023
    risk 0.35cvss 5.4epss 0.00

    Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'children' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in…