CVE-2026-54419 | claudiopizzillo PIAF-HMS rooms.php mysql_query ID sql injection

A vulnerability classified as critical was found in claudiopizzillo PIAF-HMS. Impacted is the function mysql_query of the file rooms.php. Executing a manipulation of the argument ID can lead to sql injection.

This vulnerability is registered as CVE-2026-54419. It is possible to launch the attack remotely. No exploit is available.

It is best practice to apply a patch to resolve this issue.VulDB Recent EntriesRead More