CVE-2026-7697 | AMTT Hotel Broadband Operation System 1.0 cardhand_submit.php ID sql injection

A vulnerability, which was classified as critical, has been found in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand_submit.php. This manipulation of the argument ID causes sql injection.

This vulnerability is registered as CVE-2026-7697. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More