9 matches found
CVE-2026-3710
CVE-2026-3710 affects the code-projects Simple Flight Ticket Booking System 1.0 . The vulnerability is in the file /Adminadd.php , where manipulating parameters flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp leads to SQL injection . Reports indicate remote exploitation is possible ...
CVE-2026-3736
CVE-2026-3736 affects the Simple Flight Ticket Booking System 1.0, specifically the SearchResultRoundtrip.php file. The vulnerability arises from manipulating the input in the results parameter, enabling SQL injection. The issue can be exploited remotely, and the exploit has been publicly release...
CVE-2026-3705
CVE-2026-3705 affects code-projects Simple Flight Ticket Booking System 1.0. The vulnerability is an SQL injection in the /Adminsearch.php handling for the flightno parameter, with remote exploitation possible and a public exploit. Multiple connected sources (NVD, Red Hat, EUVD, CVE lists, and PT...
CVE-2026-3711
Code-projects Simple Flight Ticket Booking System 1.0 contains a SQL injection vulnerability in an unknown function of /Adminupdate.php. The issue arises from manipulating parameters flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp. Remote exploitation is possible and the exploit is ...
CVE-2026-3723
CVE-2026-3723 affects code-projects Simple Flight Ticket Booking System 1.0. The vulnerability is an SQL injection in Admindelete.php triggered by manipulating the flightno parameter, exploitable remotely and reportedly with a publicly released exploit. Remediation guidance across sources include...
CVE-2026-3735
CVE-2026-3735 affects the code-projects Simple Flight Ticket Booking System 1.0 . The vulnerability is in the file SearchResultOneway.php , caused by manipulation of the from argument that leads to an SQL injection. The attack can be launched remotely and the exploit has been publicly disclosed. ...
CVE-2026-3708
The CVE-2026-3708 entry affects code-projects Simple Flight Ticket Booking System 1.0. The vulnerability is an SQL injection in an unknown function of /login.php triggered by manipulating the Username parameter. It can be exploited remotely and there is public exploitation activity. Remediation g...
CVE-2026-3709
CVE-2026-3709 affects the code-projects Simple Flight Ticket Booking System 1.0. The vulnerability is in the file register.php , where manipulating the Username argument leads to a SQL injection . It is remotely exploitable and the exploit has been publicly released. Connected sources corroborate...
CVE-2026-3763
A remote cross-site scripting vulnerability in code-projects’ Simple Flight Ticket Booking System 1.0, found in showhistory.php. The issue arises from manipulation of an (undisclosed) element/function, allowing an attacker to trigger XSS remotely and, per CVSS, yields a medium impact with low int...