A vulnerability was found in Kashipara Group Travel Website 1.0. It has been classified as critical. This affects an unknown part of the file booking.php. The manipulation of the argument hotelIDHidden leads to sql injection.
This vulnerability is uniquely identified as CVE-2023-50862. It is possible to initiate the attack remotely. There is no exploit available.