
PHP CVE-2025-6456

EUVD ID: EUVD-2025-18834 (MEDIUM)
Weakness: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)
Published: 2025-06-22, CNA: cna@vuldb.com
Score: 5.5 (CVSS 4.0, NVD)

Severity by source

NVD (primary): 5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD; only source for this CVE.

CVSS vector breakdown (NVD)

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: X (not defined)

Lifecycle Timeline (6 events)

Apr 29, 2026 01:11 (NVD): Severity changed, HIGH → MEDIUM
Apr 29, 2026 01:11 (NVD): CVSS changed, 7.3 (HIGH) → 5.5 (MEDIUM)
Mar 15, 2026 21:55 (euvd): EUVD ID assigned, EUVD-2025-18834
Mar 15, 2026 21:55 (vuln.today): Analysis generated
Nov 13, 2025 15:22 (vuln.today): PoC detected, public exploit code
Jun 22, 2025 04:15 (nvd): CVE published, HIGH 7.3

Description (source: CVE.org)

A vulnerability, which was classified as critical, has been found in code-projects Online Hotel Reservation System 1.0. Affected by this issue is some unknown functionality of the file /reservation/order.php. The manipulation of the argument Start leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis (AI-generated)

CVE-2025-6456 is a critical SQL injection vulnerability in code-projects Online Hotel Reservation System 1.0, specifically in the /reservation/order.php file's 'Start' parameter. An unauthenticated remote attacker can manipulate this parameter to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion of the hotel reservation database. Public exploit code is available, and the vulnerability is actively exploitable.

Technical Context (AI-generated)

This vulnerability is a classic SQL injection (CWE-74: Improper Neutralization of Special Elements used in an SQL Command) affecting a PHP-based web application. The Online Hotel Reservation System accepts user input via the 'Start' parameter in /reservation/order.php without proper input validation or parameterized query usage. The web application likely concatenates user-supplied input directly into SQL queries, allowing attackers to break out of the intended query context and inject arbitrary SQL syntax. The vulnerability exists in the order processing workflow, which typically handles sensitive booking and customer data. No specific CPE string refinements beyond 'code-projects Online Hotel Reservation System 1.0' are available from the provided data, but the affected software likely runs on Apache/Nginx with PHP 5.4+ and MySQL/MariaDB backends.

Remediation (AI-generated)

Immediate actions:

1. If patch versions are available from the vendor, upgrade to the latest patched release immediately (vendor advisory/patch details are not provided in the available data; check code-projects' official repository or website).
2. If no patch exists and vendor support is unavailable, implement network segmentation to restrict access to /reservation/order.php to trusted IP ranges only.
3. Deploy a Web Application Firewall (WAF) with SQL injection detection rules to block malicious payloads targeting the 'Start' parameter.
4. If the system must remain operational, implement input validation: whitelist expected date formats for the 'Start' parameter and reject any input containing SQL metacharacters or unexpected patterns.
5. Use parameterized queries (prepared statements) in the /reservation/order.php code if patching is not immediately possible.
6. Enable SQL query logging and set up alerts for suspicious patterns.
7. Consider replacing this unsupported software with a maintained, well-audited reservation system.
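As an added example, not code from the Online Hotel Reservation System project, the following PHP shows the concatenation pattern the advisory describes next to the validation (step 4) and prepared-statement (step 5) fix for the 'Start' parameter. The table name reservations, the column start_date and the PDO connection details are assumptions.

```php
<?php
// Added example, not code from Online Hotel Reservation System 1.0.
// Assumed: a 'reservations' table with a 'start_date' column, and that
// /reservation/order.php reads the Start parameter from the query string.

// The pattern the advisory describes: the Start value is concatenated into
// the SQL text, so any quote in it changes the query structure. Do not use.
function findReservationsUnsafe(PDO $db, string $start): array
{
    $sql = "SELECT id, guest_name FROM reservations WHERE start_date = '" . $start . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Step (4): whitelist validation. Only YYYY-MM-DD strings that are also real
// calendar dates pass; the round trip through DateTime rejects e.g. 2025-02-30.
function validateStartDate(string $input): ?string
{
    if (!preg_match('/^\d{4}-\d{2}-\d{2}$/', $input)) {
        return null;
    }
    $dt = DateTime::createFromFormat('!Y-m-d', $input);
    if ($dt === false || $dt->format('Y-m-d') !== $input) {
        return null;
    }
    return $input;
}

// Step (5): parameterized query. The value is bound to a placeholder and sent
// separately from the SQL text, so it can never alter the query structure.
function findReservationsSafe(PDO $db, string $start): array
{
    $validated = validateStartDate($start);
    if ($validated === null) {
        http_response_code(400); // reject rather than "sanitize" unexpected input
        return [];
    }
    $stmt = $db->prepare(
        'SELECT id, guest_name FROM reservations WHERE start_date = :start'
    );
    $stmt->execute([':start' => $validated]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Request handler usage (connection details are placeholders):
$pdo = new PDO('mysql:host=localhost;dbname=hotel', 'dbuser', 'dbpass', [
    PDO::ATTR_EMULATE_PREPARES => false,      // real server-side prepares
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);
$rows = findReservationsSafe($pdo, $_GET['Start'] ?? '');
```

Rejected requests (HTTP 400 with an unexpected Start value) are also a useful signal for the query logging and alerting in step 6.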


CVE-2025-6456 vulnerability details – vuln.today
