Vulnerability Details:

Vulnerability Name: CVE-2025-12857
Product Affected: code-projects Responsive Hotel Site 1.0
Severity: Critical
CWE Classification: CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

Summary: A critical vulnerability has been identified in the code-projects Responsive Hotel Site 1.0. The vulnerability is caused by an SQL injection in the file, specifically through the parameter. An exploit is publicly available.

Details: The vulnerability allows manipulation of the parameter, leading to SQL injection. The exploit is classified as T1505 according to MITRE ATT&CK and is shared on GitHub as a proof-of-concept. The attack can be initiated remotely with minimal authentication, impacting confidentiality, integrity, and availability.

Impact: The critical nature of this vulnerability requires immediate attention, as it can be exploited remotely and potentially compromise the entire database. It is suggested to replace the affected product with an alternative to mitigate the risk.

Exploit Availability: Public exploit available on GitHub for download.