CNNVD-202512-816 Information

Dec 07, 2025 cve

CNNVD ID

CNNVD-202512-816

CVE-2025-14200

CNNVD Published: 2025-12-07

Description (Chinese)

Hotel-Management-services-using-MYSQL-and-php是Alok .S. Jaiswal个人开发者的一个酒店管理系统。 Hotel-Management-services-using-MYSQL-and-php存在代码注入漏洞，该漏洞源于文件/usersub.php中未知函数处理不当，可能导致跨站脚本攻击。

Description (English)

Hotel-Management-services-using-MYSQL-and-php is a hotel management system for Alok.S. Jaiswal’s personal developer. Hotel-Management-services-using-MYSQL-and-php has a code-injecting loophole, which stems from the improper handling of unknown functions in file/usersub.php and may result in a cross-site script attack.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

个人开发者

Published

2025-12-07

Last Modified

2026-02-24

References

https://github.com/Yh276/h0202/blob/main/Hotel-Management-services-using-MYSQL-and-php%20web%202xxs.docx https://vuldb.com/?ctiid.334620 https://vuldb.com/?id.334620 https://vuldb.com/?submit.699993 https://access.redhat.com/security/cve/cve-2025-14200

Share on: