← back
CVE-2025-11479

SourceCodester Wedding Reservation Management System function.php insertReservation sql injection

CVSS 6.9 MEDIUMEPSS 0.4%CWE-74CWE-89
A security vulnerability has been detected in SourceCodester Wedding Reservation Management System 1.0. Impacted is the function insertReservation of the file function.php. Such manipulation of the argument number leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Affected products
SourceCodester · Wedding Reservation Management System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/DrNbnonono/CVE/issues/7https://vuldb.com/?ctiid.327597https://vuldb.com/?id.327597https://vuldb.com/?submit.667388https://www.sourcecodester.com/