Lucene search
+L

4 matches found

nvd
nvd
added 2024/01/04 3:15 p.m.24 views

CVE-2023-50866

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginAction.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS10AI score0.00672EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2024/01/04 2:32 p.m.4 views

CVE-2023-50866 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginAction.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS10AI score0.00672EPSS
Exploits1References2
cve
cve
added 2024/01/04 2:32 p.m.42 views

CVE-2023-50866

Travel Website v1.0 contains an unauthenticated SQL injection in the loginAction.php resource via the username parameter, which is not validated before being sent to the database. Root cause: input not validated/filtered. Impact per sources indicates potential SQL injection on login input. Affect...

9.8CVSS9.9AI score0.00672EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2024/01/04 2:32 p.m.26 views

CVE-2023-50866 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginAction.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS10AI score0.00672EPSS
Exploits1References2
Rows per page
Query Builder