cleantalk
Vulnerabilities and Security Researches

Hotel Booking, CVE-2025-53259

CVE, Research URL

CVE-2025-53259

Home page URL

Security reports for Hotel Booking

Application

Hotel Booking

Published on
Jun 27, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nicdark Hotel Booking allows PHP Local File Inclusion. This issue affects Hotel Booking: from n/a through 3.7.
Affected versions
Min -, max 3.8.
Status
vulnerable
Previous vulnerability researches
Advanced Flamingo (CVE-2023-52226) , Jun 07, 2024
Flamingo , Apr 16, 2025
Flamingo (022a9997dfc335fe7d818f90b085eb691dd3ba3c) , Jun 07, 2024
New vulnerability
Elementor Website Builder – More than Just a Page Builder (CVE-2024-50555) , Jul 03, 2025
Off-Canvas Sidebars & Menus (Slidebars) (CVE-2025-49290) , Jul 03, 2025
Accept Stripe Payments Using Contact Form 7 (CVE-2025-53309) , Jul 03, 2025
Opal Estate Pro – Property Management and Submission (CVE-2025-6934) , Jul 03, 2025
TM Replace Howdy (CVE-2025-49972) , Jul 03, 2025