CNNVD-202512-3359 Information

CNNVD ID

CNNVD-202512-3359

Related CVE

CVE-2025-63949

• CNNVD Published: 2025-12-18

Description (Chinese)

Hotel Management System是印度Prem Chand Saini个人开发者的一个基于酒店管理系统的 MIS 项目。 Hotel Management System 87e004a版本存在安全漏洞，该漏洞源于room.php文件中error参数未过滤，可能导致反射型跨站脚本攻击。

Description (English)

Hotel Management Systems is an MIS project based on the hotel management system of Prem Chand Saini, India. The Hotel Management System 87e004a version has a security loophole, which originates from the fact that the error parameters in the room.php file are not filtered and may lead to a reflective cross-script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-18

Last Modified

2026-02-24

References

https://github.com/solonbarroso/vulnerability-research/blob/main/advisories/Hotel-Management-System/CVE-2025-63949.md https://github.com/solonbarroso/vulnerability-research/blob/main/advisories/Hotel-Management-System/CVE-pending-XSS.md https://access.redhat.com/security/cve/cve-2025-63949