4 matches found
CVE-2023-50866
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginAction.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-50866 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginAction.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-50866
Travel Website v1.0 contains an unauthenticated SQL injection in the loginAction.php resource via the username parameter, which is not validated before being sent to the database. Root cause: input not validated/filtered. Impact per sources indicates potential SQL injection on login input. Affect...
CVE-2023-50866 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginAction.php resource does not validate the characters received and they are sent unfiltered to the database...