3 matches found
CVE-2023-50864
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelId' parameter of the hotelDetails.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-50864
CVE-2023-50864 concerns Travel Website v1.0, with multiple unauthenticated SQL injection vulnerabilities in the hotelDetails.php hotelId parameter. The underlying issue is that characters received are not validated/filtered before being sent to the database, enabling potential data access/alterat...
CVE-2023-50864 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelId' parameter of the hotelDetails.php resource does not validate the characters received and they are sent unfiltered to the database...