CVE-2026-3800
published 2026-03-09CVE-2026-3800: A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. Affected is the function doInsert of the file…
low2.1CVSS 4.0
AVNACLATNPRLUINVCLVILVALSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. Affected is the function doInsert of the file /controller.php?action=add. Such manipulation of the argument image leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| janobe | resort_reservation_system | — | — |
| msrc | microsoft_edge | — | — |
| oretnom23 | resort_reservation_system | — | — |
| sourcecodester | resort_reservation_system | — | — |