Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
Tushar-2223 Hotel Management System SQL Injection Flaw
CVE-2026-2553
Summary
A bug in the Tushar-2223 Hotel Management System allows hackers to inject malicious code into the system by manipulating user input, potentially giving them access to sensitive data. This affects users of the system, who should be cautious and take steps to protect themselves. The vendor has not yet provided a fix, so users should consider alternative security measures.
Original title
A security flaw has been discovered in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. This affects an unknown part of the file /home.php of the component HTTP P...
Original description
A security flaw has been discovered in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. This affects an unknown part of the file /home.php of the component HTTP POST Request Handler. Performing a manipulation of the argument Name/Email results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 16 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026