cve/2020/CVE-2020-21012.md

### [CVE-2020-21012](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21012)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details.

### POC

#### Reference
- https://github.com/hitIer/web_test/tree/master/hotel
- https://github.com/hitIer/web_test/tree/master/hotel

#### Github
- https://github.com/ARPSyndicate/kenzer-templates
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2020-21012](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21012)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details.`

			`### POC`

			`#### Reference`
			`- https://github.com/hitIer/web_test/tree/master/hotel`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://github.com/hitIer/web_test/tree/master/hotel`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00
			`#### Github`
			`- https://github.com/ARPSyndicate/kenzer-templates`