Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.11 views

CVE-2026-6376

A weakness in SpiceJet’s public booking retrieval page permits full passenger booking details to be accessed using only a PNR and last name, with no authentication or verification mechanisms. This results in exposure of extensive personal, travel, and booking metadata to any unauthenticated user...

8.7CVSS5.4AI score0.00497EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/23 8:10 p.m.4 views

CVE-2026-6376 Missing authentication for critical function in SpiceJet Online Booking System

A weakness in SpiceJet’s public booking retrieval page permits full passenger booking details to be accessed using only a PNR and last name, with no authentication or verification mechanisms. This results in exposure of extensive personal, travel, and booking metadata to any unauthenticated user...

8.7CVSS5.3AI score0.00497EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.11 views

SpiceJet Online Booking System 访问控制错误漏洞

The SpiceJet Online Booking System is an online ticketing system provided by the Indian company SpiceJet. It supports flight search, booking, and order management. The SpiceJet Online Booking System has a security vulnerability related to access control. This vulnerability stems from improper...

8.7CVSS5.8AI score0.00497EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.5 views

PT-2026-34750

Name of the Vulnerable Software and Affected Versions SpiceJet public booking retrieval page affected versions not specified Description Improper access control on a sensitive data retrieval function in the public booking retrieval page allows unauthenticated users to access full passenger bookin...

8.7CVSS5.9AI score0.00497EPSS
Exploits0References3
Rows per page
Query Builder