CVE-2026-10288 – code-projects Hotel and Tourism Reservation System Admin Login login.php password_verify improper authentication

CVE ID :CVE-2026-10288

Published : June 1, 2026, 8 p.m. | 32 minutes ago

Description :A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function password_verify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-25879 – Langroid has Prompt to SQL Injection, Leading to RCE

CVE-2026-28511 – elabftw has entry title leakage through autocompletion search

CVE-2026-49491 – Pixa Bank 2.0 SQL Injection via agence-ajax.php API

CVE-2026-40965 – Cloud Foundry UAA EC Private Key Exposure