Bus Booking Script SQL Injection Vulnerability
Bus Booking Script is an online bus booking management system based on PHP and MySQL. A SQL injection vulnerability exists in Bus Booking Script. A remote attacker can obtain sensitive data e.g., current database user, mysql user by sending the 'spid' parameter to the admin/viewseatseller.php fil...