Online Travel Agency System
by Online Travel Agency System
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-31945 | Hig | 0.47 | 7.2 | 0.01 | Aug 17, 2023 | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the id parameter at daily_expenditure_edit.php. | ||
| CVE-2023-31943 | Hig | 0.47 | 7.2 | 0.01 | Aug 17, 2023 | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the ticket_id parameter at ticket_detail.php. | ||
| CVE-2023-31939 | Hig | 0.47 | 7.2 | 0.01 | Aug 17, 2023 | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomer_id parameter at customer_edit.php. | ||
| CVE-2023-31938 | Hig | 0.47 | 7.2 | 0.01 | Aug 17, 2023 | SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_detail.php. | ||
| CVE-2023-31942 | Med | 0.31 | 4.8 | 0.01 | Aug 17, 2023 | Cross Site Scripting vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the description parameter in insert.php. |
- risk 0.47cvss 7.2epss 0.01
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the id parameter at daily_expenditure_edit.php.
- risk 0.47cvss 7.2epss 0.01
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the ticket_id parameter at ticket_detail.php.
- risk 0.47cvss 7.2epss 0.01
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomer_id parameter at customer_edit.php.
- risk 0.47cvss 7.2epss 0.01
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_detail.php.
- risk 0.31cvss 4.8epss 0.01
Cross Site Scripting vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the description parameter in insert.php.