NEXTGUARD
UNKNOWNCVE-2026-5551

itsourcecode Free Hotel Reservation System Parameter login.php sql injection

Platform

php

Component

itsourcecode-free-hotel-reservation-system

View on NVD

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.

How to fix

Actualice el sistema a una versión corregida o aplique parches de seguridad para mitigar la vulnerabilidad de inyección SQL en el archivo login.php.  Implemente validación y sanitización de entradas para prevenir la manipulación de argumentos maliciosos.  Considere utilizar consultas preparadas o procedimientos almacenados para evitar la inyección SQL.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free
CVE-2026-5551 — Vulnerability Details | NextGuard | NextGuard