VikBooking Hotel Booking Engine & PMS Missing Authorization Vulnerability

Vulnerability

A missing authorization vulnerability has been identified in VikBooking Hotel Booking Engine & PMS versions through 1.8.2. This vulnerability allows for broken access control, potentially enabling unauthorized actions or access within the application.

Impact

Exploitation of this vulnerability could lead to unauthorized access or actions within the VikBooking Hotel Booking Engine & PMS application, allowing users to bypass intended access controls.

Added: Nov 6, 2025, 4:27 PM

Updated: Nov 6, 2025, 9:02 PM

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

1.3

exploitability

7.6

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

1.3

exploitability

7.6

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

VikBooking Hotel Booking Engine & PMS Missing Authorization Vulnerability

Vulnerability

Impact

Affected Products

e4jvikwp VikBooking Hotel Booking Engine & PMS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating