CVE-2023-1498

MEDIUM

Responsive Hotel Site 1.0 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-1498. PoCs published by Decemberus.

AI-analyzed exploit summary This repository appears to be a placeholder or writeup for CVE-2023-1498, containing only a README with minimal information. No exploit code or technical details are provided.

Description

A vulnerability classified as critical has been found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file messages.php of the component Newsletter Log Handler. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-223398 is the identifier assigned to this vulnerability.

Exploits (1)

nomisec WRITEUP 2 stars
by Decemberus · poc
https://github.com/Decemberus/BugHub

This repository appears to be a placeholder or writeup for CVE-2023-1498, containing only a README with minimal information. No exploit code or technical details are provided.

Classification
Writeup 30%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: unspecified
No auth needed
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Permissions Required, Third Party Advisory vdb-entry technical-description
https://vuldb.com/?id.223398
Permissions Required, Third Party Advisory signature permissions-required
https://vuldb.com/?ctiid.223398

Scores

CVSS v3 6.3
EPSS 0.0087
EPSS Percentile 54.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (1)
fabian/responsive_hotel_site 1.0
Published Mar 19, 2023
Tracked Since Feb 18, 2026