CVE-2026-36937
SQL Injection in Sourcecodester Resort Management System Reservations
Publication date: 2026-04-13
Last updated on: 2026-04-13
Assigner: MITRE
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sourcecodester | online_resort_management_system | 1.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in Sourcecodester Online Resort Management System v1.0 is an SQL injection found in the file /orms/admin/reservations/view_details.php.
SQL injection is a type of security flaw where an attacker can insert or manipulate SQL queries by injecting malicious input, potentially allowing unauthorized access to or manipulation of the database.
How can this vulnerability impact me?
This SQL injection vulnerability can allow an attacker to access, modify, or delete sensitive data stored in the database of the Online Resort Management System.
It may lead to unauthorized data disclosure, data corruption, or even full system compromise depending on the database permissions and the attacker's skill.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The SQL injection vulnerability in the Online Resort Management System v1.0 allows unauthorized attackers to extract sensitive data from the backend database by exploiting the unsanitized 'id' parameter. This unauthorized data disclosure can lead to breaches of personal and sensitive information stored in the system.
Such data breaches can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal data and mandate strict controls to prevent unauthorized access and disclosure.
Therefore, this vulnerability poses a risk to maintaining compliance with these regulations due to the potential exposure of protected data.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This SQL injection vulnerability can be detected by testing the vulnerable URL parameter `id` in the endpoint `/orms/admin/reservations/view_details.php` for improper input sanitization.
A common detection method is to send a crafted payload that attempts to manipulate the SQL query, such as a UNION-based injection, and observe whether the database responds with unexpected data.
- Use a curl command to test the injection point, for example: curl "http://<target>/orms/admin/reservations/view_details.php?id=-2' union select 1,database(),3,4,5,6,7,8,9,10,11,12,13,14--+"
- Alternatively, use a web vulnerability scanner or SQL injection testing tools like sqlmap targeting the `id` parameter at the specified URL.
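Beyond probing the endpoint, a defender can look for exploitation attempts that have already happened. The following is an added example, not part of the advisory or of the Sourcecodester project: a small PHP script that scans web-server access-log lines (common/combined format) for requests to the affected endpoint whose `id` value is not a plain positive integer. The three log lines are constructed for illustration; the endpoint path is the one named in the advisory.

```php
<?php
// Added example (not the project's code): flag access-log entries for the
// affected endpoint whose `id` parameter does not look like a reservation id.
// Log lines at the bottom are constructed sample data.

const ENDPOINT = '/orms/admin/reservations/view_details.php';

// Returns the suspicious entries, each as ['line' => ..., 'id' => ...].
function find_suspicious_requests(array $logLines): array
{
    $hits = [];
    foreach ($logLines as $line) {
        // Request line inside a common/combined log entry: "METHOD /path?query HTTP/1.1"
        if (!preg_match('#"(?:GET|POST) (\S+) HTTP/[\d.]+"#', $line, $m)) {
            continue;
        }
        $url = parse_url($m[1]);
        if (($url['path'] ?? '') !== ENDPOINT || empty($url['query'])) {
            continue;
        }
        // parse_str URL-decodes the query, so %27 becomes a literal quote.
        parse_str($url['query'], $params);
        if (!array_key_exists('id', $params)) {
            continue;
        }
        $id = $params['id'];
        // A legitimate reservation id is a plain positive integer; anything
        // else (quotes, SQL keywords, comment markers, array syntax) warrants review.
        if (!is_string($id) || !preg_match('/^[1-9]\d*$/', $id)) {
            $hits[] = ['line' => $line, 'id' => $id];
        }
    }
    return $hits;
}

// Constructed sample log lines: one benign request, one injection attempt,
// one request to an unrelated page.
$sample = [
    '203.0.113.5 - - [13/Apr/2026:10:00:01 +0000] "GET /orms/admin/reservations/view_details.php?id=12 HTTP/1.1" 200 2310',
    '203.0.113.9 - - [13/Apr/2026:10:00:07 +0000] "GET /orms/admin/reservations/view_details.php?id=-2%27%20union%20select%201,database(),3--%2B HTTP/1.1" 200 5120',
    '203.0.113.9 - - [13/Apr/2026:10:00:09 +0000] "GET /orms/admin/index.php HTTP/1.1" 200 1800',
];

foreach (find_suspicious_requests($sample) as $hit) {
    printf("suspicious id=%s\n  %s\n", var_export($hit['id'], true), $hit['line']);
}
```

Only the second line is reported, because its decoded `id` contains a quote and SQL keywords rather than an integer. Feed real log files through `file()` in place of `$sample`; the same allow-list check (positive integer only) is what the endpoint itself should enforce before touching the database.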
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include sanitizing and parameterizing the input received from the `id` parameter in `/orms/admin/reservations/view_details.php` to prevent SQL injection.
Implement prepared statements with parameterized queries in the backend PHP code to ensure that user input cannot alter the intended SQL commands.
Additionally, restrict database permissions to limit the impact of any potential injection and monitor logs for suspicious activity targeting this endpoint.
If possible, update or patch the system with a vendor-provided fix or upgrade to a version that addresses this vulnerability.
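To make the mitigation concrete, here is an added example that is not the Sourcecodester code and not a vendor patch. The first function shows the pattern the advisory describes (the `id` query parameter concatenated into SQL); the second shows the hardened form using integer validation plus a `mysqli` prepared statement. The table name `reservations`, the column name `id`, and the database credentials are assumptions.

```php
<?php
// Added example (not the project's code). Table/column names and the
// connection credentials below are assumptions.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors

// BEFORE (the vulnerable pattern): the raw query-string value is spliced
// into the SQL text, so SQL syntax inside `id` becomes part of the command.
function vulnerable_lookup(mysqli $db, string $rawId): ?array
{
    $sql = "SELECT * FROM reservations WHERE id = '" . $rawId . "'";
    $result = $db->query($sql);
    return $result->fetch_assoc() ?: null;
}

// AFTER (hardened): reject anything that is not a positive integer, then
// bind the value as a parameter. The driver sends the value separately from
// the SQL text, so it is never parsed as SQL.
function safe_lookup(mysqli $db, string $rawId): ?array
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        http_response_code(400); // malformed id: refuse the request
        return null;
    }
    $stmt = $db->prepare('SELECT * FROM reservations WHERE id = ?');
    $stmt->bind_param('i', $id); // 'i' = bind as integer
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc(); // requires the mysqlnd driver
    $stmt->close();
    return $row ?: null;
}

// Assumed connection details; use a least-privilege account that can only
// read the tables this page needs, so an injection elsewhere does less damage.
$db = new mysqli('localhost', 'orms_readonly', 'example-password', 'orms');
$reservation = safe_lookup($db, $_GET['id'] ?? '');
if ($reservation === null) {
    echo 'Reservation not found.';
}
```

The input validation and the prepared statement are independent defences: validation alone would stop this particular bug, but parameterisation is what keeps the query safe if the column type ever changes to something non-numeric, so both belong in the fix.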