3 matches found
CVE-2022-33058
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletemessage...
CVE-2022-33058
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletemessage...
CVE-2022-33058
CVE-2022-33058 affects Online Railway Reservation System v1.0. The vulnerability is a SQL injection via the id parameter in /classes/Master.php?f=delete_message, caused by unsafe SQL handling in that path. Initial data provides CVSS metrics (2.0: 6.5; 3.1: 7.2) indicating exploitable network acce...