EUVD-2025-18893

CVE-2025-6419 | HIGH 7.3 (CVSS 3.1)
Published 2025-06-21

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low

Lifecycle Timeline (4 events)

Analysis Generated: Mar 15, 2026 - 21:35 (vuln.today)
EUVD ID Assigned: Mar 15, 2026 - 21:35 (euvd), EUVD-2025-18893
PoC Detected: Oct 23, 2025 - 20:06 (vuln.today), public exploit code
CVE Published: Jun 21, 2025 - 21:15 (nvd), HIGH 7.3

Description

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/edit_room.php. The manipulation of the argument room_type leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-6419 is a SQL injection vulnerability in code-projects Simple Online Hotel Reservation System 1.0. Its CVSS 3.1 base score is 7.3 (HIGH), although the VulDB description quoted above classifies it as critical. The flaw is in the /admin/edit_room.php endpoint, where the room_type parameter is passed into a SQL query without proper sanitization, so a remote attacker can inject attacker-controlled SQL into the statement the script runs. The CVSS vector rates the bug as requiring no privileges and no user interaction; since the script lives under /admin/, check whether your deployment actually exposes that directory to unauthenticated clients, because that determines who can reach it. Public proof-of-concept code is available, which lowers the bar to exploitation and makes vulnerable installs easy to find by scanning, though the priority breakdown on this page records no KEV (known exploited) contribution.

Technical Context

The advisory files the weakness under CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, 'Injection'); the specific child for SQL injection is CWE-89. The /admin/edit_room.php script reads the room_type value from the request (the advisory does not state whether it arrives via GET or POST) and, in all likelihood, splices it into a SQL statement by string concatenation instead of binding it through a prepared statement or parameterized query. This is the classic pattern in small PHP applications that talk to MySQL directly through mysqli or the legacy mysql_* functions rather than through a query builder or ORM. The affected product is code-projects Simple Online Hotel Reservation System version 1.0, typically deployed on an Apache/PHP web server with a MySQL or MariaDB backend.

Affected Products

code-projects Simple Online Hotel Reservation System, version 1.0

Remediation

- IMMEDIATE: Disable or restrict access to /admin/edit_room.php using web server controls (e.g., .htaccess, nginx rules) until patching is possible. Restricting the whole /admin/ directory is simpler and also covers its sibling scripts. Implement IP allowlisting for admin interfaces or require VPN/bastion host access.
- CRITICAL: Apply input validation and parameterized queries. Replace all string concatenation in SQL queries with prepared statements using bound parameters (mysqli_prepare, PDO prepared statements). Validate the room_type parameter against an allowlist of expected values before it reaches a SQL context; room types are an enumerated field, so anything outside the known set can be rejected outright rather than escaped.
- HIGH: Migrate to a maintained alternative. Given the apparent abandonment of Simple Online Hotel Reservation System 1.0, consider migrating to actively maintained hotel management platforms (e.g., Hotelogix, Cloudbeds, or similar SaaS solutions) or modern open-source alternatives with active security patching.
- MEDIUM: Implement Web Application Firewall (WAF) rules. Deploy rules to detect and block SQL injection patterns in the room_type parameter (e.g., quotes, SQL keywords, comment characters). Treat this as a compensating control only: pattern-based rules can be bypassed with encoding and alternative syntax, so they do not replace the code fix.
- MEDIUM: Database-level hardening. Create a database user account with the minimum privileges the application needs (least privilege); avoid using root/admin accounts for application database connections, and do not grant multi-statement execution or FILE privileges the application never uses.
- LOW: Monitoring and detection. Enable query logging and anomaly detection on database connections; monitor for unusual SQL patterns, comment markers in bound values, or multi-statement executions originating from the web application's database user.
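The Technical Context above describes the likely shape of the bug (a request value concatenated into SQL) and the remediation list prescribes the fix (bound parameters plus an allowlist). The following PHP script is an added example written for this page, not code from the Simple Online Hotel Reservation System project: the vulnerable function is a hypothetical reconstruction of that concatenation pattern, the `rooms` table, its columns, the sample rows, the allowlist and the hostile value are all constructed for the demonstration, and it uses an in-memory SQLite database through PDO so it runs without a MySQL server.

```php
<?php
// Added example for this advisory; not code from the Simple Online Hotel
// Reservation System project. The vulnerable function is a hypothetical
// reconstruction of the string-concatenation pattern the advisory describes.
// Table, column names, sample rows, allowlist and hostile value are constructed.
// Runs on PHP 8 with the pdo_sqlite extension (in-memory database, no MySQL needed).

declare(strict_types=1);

// Hypothetical allowlist of room types; a real deployment would derive it
// from the application's own configuration or a lookup table.
const ALLOWED_ROOM_TYPES = ['single', 'double', 'suite'];

function setupDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE rooms (id INTEGER PRIMARY KEY, room_type TEXT NOT NULL, price REAL NOT NULL)');
    // Constructed sample rows.
    $db->exec("INSERT INTO rooms (room_type, price) VALUES ('single', 80), ('double', 120), ('suite', 300)");
    return $db;
}

// Vulnerable pattern (CWE-89): the request value is spliced into the statement
// text, so a quote inside room_type ends the literal and whatever follows is
// parsed as SQL. Returns the number of rows the statement actually touched.
function updateRoomVulnerable(PDO $db, int $id, string $roomType, float $price): int
{
    $sql = "UPDATE rooms SET room_type = '" . $roomType . "', price = " . $price
         . " WHERE id = " . $id;
    return $db->exec($sql);
}

// Hardened pattern: a prepared statement with bound parameters. The driver
// sends the values separately from the statement text, so the same hostile
// string is stored as an ordinary value and cannot change the query.
function updateRoomPrepared(PDO $db, int $id, string $roomType, float $price): int
{
    $stmt = $db->prepare('UPDATE rooms SET room_type = :type, price = :price WHERE id = :id');
    $stmt->bindValue(':type', $roomType, PDO::PARAM_STR);
    $stmt->bindValue(':price', $price);
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Allowlist validation, applied before the value gets anywhere near a query:
// room_type is an enumerated field, so unknown values are rejected, not escaped.
function validateRoomType(string $roomType): string
{
    if (!in_array($roomType, ALLOWED_ROOM_TYPES, true)) {
        throw new InvalidArgumentException('room_type is not a known room type');
    }
    return $roomType;
}

// Snapshot of id => room_type, used to show what each variant did to the table.
function roomTypes(PDO $db): array
{
    return $db->query('SELECT id, room_type FROM rooms ORDER BY id')->fetchAll(PDO::FETCH_KEY_PAIR);
}

// Constructed hostile value: closes the quoted literal, widens the WHERE clause
// to every row, and comments out the remainder of the intended statement.
$hostile = "x' WHERE 1=1 -- ";

$db = setupDb();
$changed = updateRoomVulnerable($db, 1, $hostile, 120);
echo "vulnerable: rows changed = {$changed}\n";
print_r(roomTypes($db));

$db = setupDb();
$changed = updateRoomPrepared($db, 1, $hostile, 120);
echo "prepared: rows changed = {$changed}\n";
print_r(roomTypes($db));

try {
    updateRoomPrepared($db, 1, validateRoomType($hostile), 120);
} catch (InvalidArgumentException $e) {
    echo "allowlist: rejected (" . $e->getMessage() . ")\n";
}
$changed = updateRoomPrepared($db, 1, validateRoomType('suite'), 120);
echo "allowlist + prepared: rows changed = {$changed}\n";
```

Run it with `php sqli_demo.php`. The vulnerable variant, handed a value meant for one room, rewrites every row because the injected `WHERE 1=1` replaces the intended `WHERE id = 1`; the prepared variant updates exactly one row and stores the hostile string verbatim as the room type; the allowlist rejects it before any query runs. Two notes for the real MySQL deployment the advisory describes: with the mysqli extension the equivalent is `mysqli_prepare` followed by `bind_param('sdi', ...)`, and with PDO's MySQL driver set `PDO::ATTR_EMULATE_PREPARES` to `false` so that binding is performed by the server rather than by client-side escaping.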

Priority Score

57 (components: KEV 0, EPSS +0.1, CVSS +36, PoC +20)


EUVD-2025-18893 vulnerability details – vuln.today
