CVE-2026-14688

Severity CVSS v4.0:
MEDIUM
Type:
CWE-74 Injection
Publication date:
05/07/2026
Last modified:
06/07/2026

Description

A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used.