Unrated severityNVD Advisory· Published Jan 4, 2024· Updated Jun 17, 2025
Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CVE-2023-50864
Description
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelId' parameter of the hotelDetails.php resource does not validate the characters received and they are sent unfiltered to the database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 1.0
- Kashipara Group/Travel Websitev5Range: 1.0
Patches
Vulnerability mechanics
References
2- fluidattacks.com/advisories/evans/mitrethird-party-advisory
- www.kashipara.commitreproduct
News mentions
0No linked articles in our index yet.