26Eki
CVE-2024-10411 | SourceCodester Online Hotel Reservation System 1.0 controller.php id sql injection
A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the functiondoCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout
of the file /marimar/admin/mod_room/controller.php. The manipulation of the argument id leads to sql injection.
This vulnerability is traded as CVE-2024-10411. It is possible to launch the attack remotely. Furthermore, there is an exploit available.