Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-88801
HistorySep 29, 2022 - 12:00 a.m.

Online Tours

2022-09-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
online tours
travels management
sql injection
mayuri k. a
illegal sql commands
database data
online travel management
system v1.0.

EPSS

0.001

Percentile

37.7%

Online Tours & Travels Management System is an online travel management system developed by Mayuri K. A SQL injection vulnerability exists in Online Tours & Travels Management System v1.0, which originates from /admin/update The id parameter of _traveller.php lacks validation for external input SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal database data.

EPSS

0.001

Percentile

37.7%

Related for CNVD-2022-88801