CVE-2026-36942

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manage_activity.php.

low 2.7 CVSS 3.1

Published: Apr 13, 2026

Modified: Apr 13, 2026

Description

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manage_activity.php.

References

https://github.com/huliangjia/bug_report/blob/main/Sourcecodester/online-resort-management-system/SQL-4.md