CVE-2024-7499 | itsourcecode Airline Reservation System 1.0 flights.php departure_airport_id sql injection

Posted by Angelo Barbosa | Aug 5, 2024 | CVE

A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file flights.php. The manipulation of the argument departure_airport_id leads to sql injection.

This vulnerability is known as CVE-2024-7499. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-7499 | itsourcecode Airline Reservation System 1.0 flights.php departure_airport_id sql injection

Related Posts

CVE-2024-40944 | Linux Kernel up to 6.6.34/6.9.5 cc_platform_has denial of service (d91ddd050826/2cfb464669b6/93c1800b3799)

CVE-2024-36401 | GeoServer up to 2.23.5/2.24.3/2.25.1 OGC Request neutralization of directives (GHSA-6jj6-gm7p-fcvv)

CVE-2024-50350 | LibreNMS up to 24.9.x Port Settings Page name cross site scripting

CVE-2024-0830 | Comments Extra Fields for Post, Pages and CPT Plugin cross-site request forgery