3 matches found
CVE-2026-55740
CVE-2026-55740 affects Nur-Alam39 bus-ticket. The vulnerability is an unauthenticated SQL injection in bus_info.php where the busid parameter from an HTTP POST is concatenated directly into the query: select * from bus_info where id=$busid. This occurs in a numeric context and is not sanitized, e...
CVE-2026-55740 SQL Injection in Nur-Alam39 bus-ticket bus_info.php via busid parameter
Nur-Alam39 bus-ticket no released versions; latest commit 459cabdbeb99c00225b26e46e3c2c30ae1de7bad contains an unauthenticated SQL injection vulnerability in businfo.php. The busid parameter received via HTTP POST is concatenated directly into a MySQL query select from businfo where id=$busid...
CVE-2023-45012
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'useremail' parameter of the businfo.php resource does not validate the characters received and they are sent unfiltered to the database...