CVE-2024-0883 | SourceCodester Online Tours & Travels Management System 1.0 admin/pay.php prepare id sql injection

Posted by Angelo Barbosa | Jan 25, 2024 | CVE

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been declared as critical. This vulnerability affects the function prepare of the file admin/pay.php. The manipulation of the argument id leads to sql injection.

This vulnerability was named CVE-2024-0883. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-0883 | SourceCodester Online Tours & Travels Management System 1.0 admin/pay.php prepare id sql injection

Related Posts

CVE-2024-42034 | Huawei HarmonyOS/EMUI Account Module logic error

CVE-2023-6878 | Slick Social Share Buttons Plugin up to 2.4.11 on WordPress Option access control

CVE-2024-8517 | SPIP up to 4.1.18/4.2.15/4.3.1 Multipart File Upload reliance on file name or extension of externally-supplied file

CVE-2024-8263 | GitHub Enterprise Server up to 3.10.16/3.11.14/3.12.8/3.13.3/3.14.0 PAT privileges management