Security Advisory

CVE-2019-25530

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-12 15:37:01

Last updated 2026-03-12 16:46:51

Assigner VulnCheck

State PUBLISHED

Description

uHotelBooking System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the system_page GET parameter. Attackers can send crafted requests to index.php with malicious system_page values using time-based blind SQL injection techniques to extract sensitive database information.

← Browse all CVEs View on cve.org ↗