2 matches found
CVE-2019-9064
The CVE-2019-9064 entry corresponds to a directory traversal flaw in PHP Scripts Mall Cab Booking Script 1.0.3. Multiple connected sources (CNVD, CVE records, PRION, NVD) describe that an attacker can traverse directories to reach the parent directory of a jpg or png file, exposing directory stru...
CVE-2017-17601
CVE-2017-17601 affects Cab Booking Script 1.0 (by PHP Scripts Mall India). The vulnerability is a SQL injection in the /service-list endpoint via the city parameter, allowing a remote attacker to inject SQL commands. The connected CNVD entry explicitly describes a SQL injection vulnerability in v...