CNNVD-202511-042 Information
CNNVD ID
CNNVD-202511-042
Related CVE
- CNNVD Published: 2025-11-02
Description (Chinese)
Code-Projects Simple Online Hotel Reservation System是Code-Projects开源的一个简单的在线酒店预订系统。 Code-Projects Simple Online Hotel Reservation System 2.0版本存在代码问题漏洞,该漏洞源于文件/admin/edit_room.php中Photo Handler组件存在上传功能限制不当,可能导致远程攻击。
Description (English)
Code-Projects Online Hotel Supply System is a simple online hotel reservation system open to Code-Projects. The Code-Projects Simple Online Renewal System 2.0 has a code gap, which stems from the inappropriate upload functional limitations of the Photo Handler component in the file/admin/edit room.php, which may result in a long-range attack.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
Code-Projects
Published
2025-11-02
Last Modified
2026-02-24
References
https://vuldb.com/?id.330888 https://code-projects.org/ https://vuldb.com/?submit.677547 https://vuldb.com/?ctiid.330888 https://github.com/asd1238525/cve/blob/main/upload2.md https://access.redhat.com/security/cve/cve-2025-12593
Share on: