Product

Hotel and Tourism Reservation System 1.0

2 briefs RSS

CVE-2026-10290: Hotel and Tourism Reservation System SQL Injection Vulnerability

A SQL injection vulnerability exists in code-projects Hotel and Tourism Reservation System version 1.0 due to improper sanitization of the 'tour' GET parameter in the tour.php file, potentially allowing remote attackers to execute arbitrary SQL queries.

Hotel and Tourism Reservation System 1.0 cve sql-injection web-application

2r 1t 1c 1h ago

high advisory

CVE-2026-10288 - code-projects Hotel and Tourism Reservation System Authentication Bypass

2 rules 2 TTPs 1 CVE

CVE-2026-10288 is a high severity vulnerability in code-projects Hotel and Tourism Reservation System 1.0, allowing remote attackers to bypass authentication via manipulation of the Password argument in the /admin/login.php file.

Hotel and Tourism Reservation System 1.0 cve-2026-10288 authentication bypass web application

2r 2t 1c 2h ago