Zhihong Tian

CVE-2025-10788 WRITEUP HIGH WRITEUP

Online Hotel Reservation System 1.0 - SQL Injection via deleteroominventory.php ID Parameter

A vulnerability was determined in SourceCodester Online Hotel Reservation System 1.0. The affected element is an unknown function of the file deleteroominventory.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

CVSS 7.3

View Code

CVE-2025-10802 WRITEUP HIGH WRITEUP

Online Bidding System 1.0 - SQL Injection via ID Parameter in remove.php

A flaw has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.

CVSS 7.3

View Code