CVE-2026-14755 PUBLISHED

code-projects Hotel and Tourism Reservation Reservations Management reservations.php sql injection

Assigner: VulDB
Reserved: 04.07.2026 Published: 05.07.2026 Updated: 05.07.2026

A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/reservations.php of the component Reservations Management Page. The manipulation of the argument delete leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
CVSS Score: 6.9

Product Status

Vendor code-projects
Product Hotel and Tourism Reservation
Versions
  • Version 1.0 is affected

Credits

  • anubhav106 (VulDB User) reporter

References

Problem Types

  • SQL Injection CWE
  • Injection CWE