VYPR
Unrated severityNVD Advisory· Published Jan 29, 2023· Updated Aug 2, 2024

SourceCodester Online Tours & Travels Management System payment_operation.php sql injection

CVE-2023-0570

Description

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. This affects an unknown part of the file user\operations\payment_operation.php. The manipulation of the argument booking_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219729 was assigned to this vulnerability.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.