A vulnerability was found in Project Worlds Railway Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file train.php. The manipulation of the argument bynum leads to sql injection.

This vulnerability is handled as CVE-2023-48690. The attack may be launched remotely. There is no exploit available.