CVE-2026-14754 | code-projects Hotel and Tourism Reservation 1.0 /admin/add_room.php sql injection

SecurityVulns

A vulnerability categorized as critical has been discovered in code-projects Hotel and Tourism Reservation 1.0. Affected is an unknown function of the file /admin/add_room.php. Executing a manipulation of the argument delete_image/edit/description/number/price/rooms/type can lead to sql injection.

This vulnerability is tracked as CVE-2026-14754. The attack can be launched remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More