2 matches found
CVE-2022-40098
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/updateexpense.php...
CVE-2022-40098
CVE-2022-40098 affects Online Tours & Travels Management System v1.0. A SQL injection flaw exists in the /admin/update_expense.php endpoint via the id parameter due to inadequate validation of externally supplied SQL statements. Impacted data exposure is described as sensitive database informatio...