CVE-2026-14688
HIGH
NVD
CVSS Score
7.3
Severity
HIGH
Published
Jul 05, 2026
Vendor
unknown
Description
A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used.