CVE-2023-48689 | Project Worlds Railway Reservation System 1.0 train.php byname sql injection

Inserito da Angelo Barbosa | Dic 22, 2023 | CVE

A vulnerability has been found in Project Worlds Railway Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file train.php. The manipulation of the argument byname leads to sql injection.

This vulnerability is known as CVE-2023-48689. The attack can be launched remotely. There is no exploit available.

CVE-2023-48689 | Project Worlds Railway Reservation System 1.0 train.php byname sql injection

Post correlati

CVE-2024-44825 | InVesalius 3.1.99995 inv3 File path traversal

CVE-2024-46304 | libcoap up to 4.3.5-rc2 src/coap_block.c coap_handle_request_put_block denial of service

CVE-2023-4397 | Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN 5.37 CLI Command buffer overflow

CVE-2024-37678 | Hangzhou Meisoft Information Technology Finesoft up to 8.0 cross site scripting