Lucene search
China National Vulnerability DatabaseCNVD-2022-62193HistoryJun 17, 2022 - 12:00 a.m.
Online Tours And Travels Management System SQL注入漏洞
2022-06-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
online tours and travels
management system
sql injection
vulnerability
admin operations
php
validation
external input
sql statements
attacker
sensitive data
database
EPSS
0.001
Percentile
37.7%
Online Tours And Travels Management System is an online tour management system. v1.0 of Online Tours And Travels Management System is vulnerable to SQL injection, which originates from /admin/operations/tax. The tname parameter in php lacks validation for external input SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
Related
prion
prion
Sql injection
2022-06-15 17:15:00
cvelist
cvelist
CVE-2022-32992
2022-06-15 16:22:29
nvd
nvd
CVE-2022-32992
2022-06-15 17:15:09
cve
cve
CVE-2022-32992
2022-06-15 17:15:09