EUVD-2025-18824

| CVE-2025-6420 HIGH
2025-06-21 [email protected]
7.3
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

4
Analysis Generated
Mar 15, 2026 - 21:35 vuln.today
EUVD ID Assigned
Mar 15, 2026 - 21:35 euvd
EUVD-2025-18824
PoC Detected
Oct 23, 2025 - 20:06 vuln.today
Public exploit code
CVE Published
Jun 21, 2025 - 22:15 nvd
HIGH 7.3

Tags

PHP SQLi Simple Online Hotel Reservation System

Description

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add_room.php. The manipulation of the argument room_type leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Analysis

A critical SQL injection vulnerability exists in code-projects Simple Online Hotel Reservation System version 1.0, specifically in the /admin/add_room.php file where the 'room_type' parameter is insufficiently sanitized. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL commands, potentially leading to unauthorized data access, modification, or deletion of hotel reservation system data. A proof-of-concept exploit has been publicly disclosed, increasing real-world exploitation risk.

Technical Context

The vulnerability is a classic SQL injection flaw (CWE-74: Improper Neutralization of Special Elements used in an Output ('Injection')) stemming from inadequate input validation and parameterized query implementation in PHP. The Simple Online Hotel Reservation System 1.0 (affected CPE would be cpe:2.3:a:code-projects:simple_online_hotel_reservation_system:1.0:*:*:*:*:*:*:*) fails to properly escape or bind the 'room_type' parameter in database queries within the administrative add_room.php endpoint. This allows attackers to inject malicious SQL syntax that bypasses intended query logic, commonly used to exfiltrate user credentials, reservation data, or administrative information from the backend database.

Affected Products

- vendor: code-projects; product: Simple Online Hotel Reservation System; version: 1.0; cpe: cpe:2.3:a:code-projects:simple_online_hotel_reservation_system:1.0:*:*:*:*:*:*:*; affected_component: /admin/add_room.php; vulnerable_parameter: room_type

Remediation

Upgrade to the latest patched version if available from code-projects. If no patch exists, consider alternative hotel management systems. Workaround (Immediate): Implement IP whitelisting or require VPN/authentication gateway access to administrative endpoints. Code-Level Mitigation: Refactor add_room.php to use mysqli prepared statements or PDO with parameterized queries instead of string concatenation. Input Validation: Validate room_type against a predefined list of allowed room types before any database operation. Detection: Enable ModSecurity or similar WAF with OWASP ModSecurity Core Rule Set to block SQL injection attempts.

Priority Score

57
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +36
POC: +20

Share

EUVD-2025-18824 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy