Unrated severityNVD Advisory· Published Dec 21, 2023· Updated Aug 2, 2024
Railway Reservation System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CVE-2023-48685
Description
Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'psd' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = v1.0
- Projectworlds Pvt. Limited/Railway Reservation Systemv5Range: 1.0
Patches
Vulnerability mechanics
References
2- fluidattacks.com/advisories/barenboim/mitrethird-party-advisory
- projectworlds.inmitreproduct
News mentions
0No linked articles in our index yet.