VYPR

Hotel Management System

by Tushar 2223

Source repositories

CVEs (9)

  • CVE-2026-7506HigApr 30, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of the argument room_type leads to sql injection. The attack may be launched remotely. The exploit has been…

  • CVE-2026-6142HigApr 13, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in tushar-2223 Hotel Management System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. Affected by this vulnerability is an unknown functionality of the file /admin/roomdelete.php. The manipulation of the argument ID leads to sql injection. Remote…

  • CVE-2025-14207HigDec 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. The impacted element is an unknown function of the file /admin/invoiceprint.php. The manipulation of the argument ID leads to sql injection. It is possible to…

  • CVE-2026-2553MedFeb 16, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. This affects an unknown part of the file /home.php of the component HTTP POST Request Handler. Performing a manipulation of the argument Name/Email results…

  • CVE-2026-6492MedApr 17, 2026
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was detected in arnobt78 Hotel Booking Management System up to f8922d0e0f6ac1cc761974c7616f44c2bbc04bea. The impacted element is an unknown function of the file /api/health/detailed of the component Health Check Endpoint. Performing a manipulation results in…

  • CVE-2025-63949Dec 18, 2025
    risk 0.00cvss epss 0.00

    A Reflected Cross-Site Scripting (XSS) vulnerability in yohanawi Hotel Management System (commit 87e004a) allows a remote attacker to execute arbitrary web script via the 'error' parameter in pages/room.php.

  • CVE-2024-25315Feb 9, 2024
    risk 0.00cvss epss 0.01

    Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2.

  • CVE-2024-25314Feb 9, 2024
    risk 0.00cvss epss 0.01

    Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2.

  • CVE-2022-36254Sep 12, 2022
    risk 0.00cvss epss 0.01

    Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname".