4 matches found
CVE-2026-6376
A weakness in SpiceJet’s public booking retrieval page permits full passenger booking details to be accessed using only a PNR and last name, with no authentication or verification mechanisms. This results in exposure of extensive personal, travel, and booking metadata to any unauthenticated user...
SpiceJet Online Booking System 访问控制错误漏洞
The SpiceJet Online Booking System is an online ticketing system provided by the Indian company SpiceJet. It supports flight search, booking, and order management. The SpiceJet Online Booking System has a security vulnerability related to access control. This vulnerability stems from improper...
PT-2026-34750
Name of the Vulnerable Software and Affected Versions SpiceJet public booking retrieval page affected versions not specified Description Improper access control on a sensitive data retrieval function in the public booking retrieval page allows unauthenticated users to access full passenger bookin...
Flight Booking System Flaw Affected Customers of 141 Airlines Worldwide
Almost half of the fight travelers around the world were found exposed to a critical security vulnerability discovered in online flight ticket booking system that allowed remote hackers to access and modify their travel details and even claim their frequent flyer miles. Israeli network security...