Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
itsourcecode Free Hotel Reservation System login page vulnerable to email hacking
CVE-2026-5551
Summary
The login page of itsourcecode Free Hotel Reservation System 1.0 may be vulnerable to hacking attempts. This could allow an attacker to access sensitive information. Update the software to the latest version to fix this issue.
Original title
A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler....
Original description
A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 5 Apr 2026 · Updated: 7 Apr 2026 · First seen: 5 Apr 2026