3 matches found
CVE-2022-40099
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/updateexpensecategory.php...
CVE-2022-40099
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/updateexpensecategory.php...
CVE-2022-40099
CVE-2022-40099 affects Online Tours & Travels Management System v1.0. A SQL injection vulnerability exists in /admin/update_expense_category.php via the id parameter due to lack of input validation against an external SQL statement. Public sources indicate the issue can lead to disclosure of sens...