CVE-2024-0883 | SourceCodester Online Tours & Travels Management System 1.0 admin/pay.php prepare id sql injection

Posted by Angelo Barbosa | Jan 25, 2024 | CVE

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been declared as critical. This vulnerability affects the function prepare of the file admin/pay.php. The manipulation of the argument id leads to sql injection.

This vulnerability was named CVE-2024-0883. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-0883 | SourceCodester Online Tours & Travels Management System 1.0 admin/pay.php prepare id sql injection

Related Posts

CVE-2024-1792 | CMB2 Plugin up to 2.10.1 on WordPress code injection

CVE-2024-2912 | BentoML Framework up to 1.2.4 POST Request insecure default initialization of resource

CVE-2023-37577 | GTKWave 3.3.115 get_vartoken use after free (TALOS-2023-1806)

CVE-2024-2994 | Tenda FH1203 2.0.1.6 GetParentControlInfo mac stack-based overflow