CVE-2025-11472
published 2025-10-08CVE-2025-11472: A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /edit_room.php. This manipulation…
medium5.5CVSS 4.0
AVNACLATNPRNUINVCLVILVALSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /edit_room.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nikhil-bhalerao | hotel_and_lodge_management_system | — | — |
| sourcecodester | hotel_and_lodge_management_system | — | — |