Fabianros Simple Online Hotel Reservation System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Fabianros Simple Online Hotel Reservation System.
By the Year
In 2026 there have been 0 vulnerabilities in Fabianros Simple Online Hotel Reservation System. Last year, in 2025 Simple Online Hotel Reservation System had 10 security vulnerabilities published. Right now, Simple Online Hotel Reservation System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 10 | 9.80 |
| 2024 | 1 | 6.10 |
| 2023 | 1 | 9.80 |
It may take a day or so for new Simple Online Hotel Reservation System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Fabianros Simple Online Hotel Reservation System Security Vulnerabilities
Critical SQLi in code-projects SOHR 1.0 /admin/delete_pending.php
CVE-2025-6451
9.8 - Critical
- June 22, 2025
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/delete_pending.php. The manipulation of the argument transaction_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
SQL Injection
Critical SQLi in SOHRS 1.0 via transaction_id in /admin/confirm_reserve.php
CVE-2025-6450
9.8 - Critical
- June 22, 2025
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/confirm_reserve.php. The manipulation of the argument transaction_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Simple Online Hotel Reservation System 1.0: SQLi in /admin/checkout_query.php
CVE-2025-6449
9.8 - Critical
- June 22, 2025
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/checkout_query.php. The manipulation of the argument transaction_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi critical in code-projects S.O.HRS 1.0 /admin/delete_room.php
CVE-2025-6448
9.8 - Critical
- June 22, 2025
A vulnerability has been found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/delete_room.php. The manipulation of the argument room_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in Simple Online Hotel Reservation System 1.0 (admin/index.php)
CVE-2025-6447
9.8 - Critical
- June 22, 2025
A vulnerability, which was classified as critical, was found in code-projects Simple Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Simple Online Hotel Reservation System 1.0: SQLi /admin/add_account.php (Critical)
CVE-2025-6421
9.8 - Critical
- June 21, 2025
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/add_account.php. The manipulation of the argument name/admin_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Simple Online Hotel Reservation System 1.0: Critical SQLi via /admin/add_room.php
CVE-2025-6420
9.8 - Critical
- June 21, 2025
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add_room.php. The manipulation of the argument room_type leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHP Simple Online Hotel 1.0 - /admin/edit_query_account.php Remote SQLi
CVE-2025-6418
9.8 - Critical
- June 21, 2025
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit_query_account.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in Simple Online Hotel Reservation System 1.0 /admin/edit_room.php (room_type)
CVE-2025-6419
9.8 - Critical
- June 21, 2025
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/edit_room.php. The manipulation of the argument room_type leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in Simple Online Hotel Reservation System 1.0 via add_reserve.php (Remote)
CVE-2025-6394
9.8 - Critical
- June 21, 2025
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /add_reserve.php. The manipulation of the argument firstname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
SQL Injection
Simple Online Hotel Reservation 1.0 - XSS in Make a Reservation Page
CVE-2024-0504
6.1 - Medium
- January 13, 2024
A vulnerability has been found in code-projects Simple Online Hotel Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file add_reserve.php of the component Make a Reservation Page. The manipulation of the argument Firstname/Lastname with the input <script>alert(1)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-250618 is the identifier assigned to this vulnerability.
XSS
Critical Unrestricted File Upload in add_room.php of Simple Online Hotel Reservation 1.0
CVE-2023-1561
9.8 - Critical
- March 22, 2023
A vulnerability, which was classified as critical, was found in code-projects Simple Online Hotel Reservation System 1.0. Affected is an unknown function of the file add_room.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. VDB-223554 is the identifier assigned to this vulnerability.
Unrestricted File Upload
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Fabianros Simple Online Hotel Reservation System or by Fabianros? Click the Watch button to subscribe.
