CVE-2025-12253 | AMTT Hotel Broadband Operation System 1.0 get_expiredtime.php uid sql injection

A vulnerability classified as critical has been found in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/get_expiredtime.php. This manipulation of the argument uid causes sql injection.

This vulnerability appears as CVE-2025-12253. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More