CVE-2025-10789

Опубликовано: 22 сент. 2025

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability was identified in SourceCodester Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteslide.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Ссылки

https://gold-textbook-8ff.notion.site/Online-Hotel-Reservation-System-In-PHP-With-Source-Code-deleteslide-php-sql-injection-26d85e97f353807585d7e600b31d339e
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.325146
Permissions Required
VDB Entry
https://vuldb.com/?id.325146
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.653881
Third Party Advisory
VDB Entry
https://www.sourcecodester.com/
Product
https://gold-textbook-8ff.notion.site/Online-Hotel-Reservation-System-In-PHP-With-Source-Code-deleteslide-php-sql-injection-26d85e97f353807585d7e600b31d339e
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:fabian:online_hotel_reservation_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00039

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-7qr6-m8gx-jwgq

CVSS3: 7.3

github

5 месяцев назад

EPSS

Процентиль: 11%

0.00039

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74