2 matches found
CVE-2022-40093
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/updatetax.php...
CVE-2022-40093
Online Tours & Travels Management System v1.0 contains a SQL injection vulnerability in the id parameter of /tour/admin/update_tax.php due to insufficient input validation. Root cause: lack of validation/execution of externally supplied SQL. Impact: high—confidentiality, integrity, and availabili...