2 matches found
CVE-2017-17829
The CVE-2017-17829 entry corresponds to a SQL injection vulnerability in Bus Booking Script (PHP/MySQL). Affected components are the admin/view_seatseller.php sp_id parameter and the admin/view_member.php memid parameter, as described across multiple sources (NVD, CNVD, RH Red Hat, CVE lists). Th...
CVE-2017-17830
CVE-2017-17830 affects Bus Booking Script, with a cross-site request forgery (CSRF) vulnerability found in admin/new_master.php. The connected documents consistently describe CSRF via this endpoint as the issue; no explicit product versions, root-cause detail beyond CSRF, or remediation steps are...