2 matches found
CVE-2022-40049
SQL injection vulnerability in sourcecodester Theme Park Ticketing System 1.0 allows remote attackers to view sensitive information via the id parameter to the /tpts/manageuser.php page...
CVE-2022-40049
CVE-2022-40049 affects sourcecodester Theme Park Ticketing System v1.0. A SQL injection via the id parameter on /tpts/manage_user.php can lead to unauthorized viewing of sensitive data (confidentiality impact). CVSSv3.1 base score 7.5 (HIGH) with network attack vector, low attack complexity, no u...