Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.1
SourceCodester Resort Reservation System 1.0: Malicious Code Injection
CVE-2026-3819
Summary
The SourceCodester Resort Reservation System 1.0 has a security flaw in its reservation management module. This flaw allows hackers to inject malicious code into the system, potentially allowing them to access or manipulate sensitive information. Users should update their system to the latest version to prevent exploitation.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| oretnom23 | resort_reservation_system | 1.0 | – |
Original title
A vulnerability has been found in SourceCodester Resort Reservation System 1.0. The affected element is an unknown function of the file /?page=manage_reservation of the component Reservation Manage...
Original description
A vulnerability has been found in SourceCodester Resort Reservation System 1.0. The affected element is an unknown function of the file /?page=manage_reservation of the component Reservation Management Module. Such manipulation of the argument ID leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
nvd CVSS2.0
4.0
nvd CVSS3.1
3.5
nvd CVSS4.0
5.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
CWE-94
Code Injection
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026