VYPR
Unrated severityNVD Advisory· Published Jan 4, 2024· Updated Jun 17, 2025

Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

CVE-2023-50864

Description

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelId' parameter of the hotelDetails.php resource does not validate the characters received and they are sent unfiltered to the database.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.