CVE-2025-10789

CWE-74CWE-89SQL Injection3 documents3 sources
Severity
6.9MEDIUM
EPSS
0.0%
top 92.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Sourcecodester Online Hotel Reservation SystemFabian Online Hotel Reservation System
Timeline
PublishedSep 22

Description

A vulnerability was identified in SourceCodester Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteslide.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-7qr6-m8gx-jwgq: A vulnerability was identified in SourceCodester Online Hotel Reservation System 12025-09-22
CVEList
SourceCodester Online Hotel Reservation System deleteslide.php sql injection2025-09-22
CVE-2025-10789 (MEDIUM CVSS 6.9) | A vulnerability was identified in S | cvebase.io