16 matches found
CVE-2022-33042
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/inquiries/view_details.php.
CVE-2022-33048
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php.
CVE-2022-33057
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation.
CVE-2022-33061
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_service.
CVE-2022-33060
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule.
CVE-2022-33059
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_train.
CVE-2022-33049
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/?page=user/manage_user.
CVE-2022-33058
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_message.
CVE-2024-7815
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-update-employee.php of the component Update Employee Page. The manipulation of the argument emp_fname ...
CVE-2024-7814
A vulnerability, which was classified as problematic, was found in CodeAstro Online Railway Reservation System 1.0. Affected is an unknown function of the file /admin/admin-add-employee.php of the component Add Employee Page. The manipulation of the argument emp_fname /emp_lname /emp_nat_idno/emp_a...
CVE-2022-33055
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/trains/manage_train.php.
CVE-2024-7910
A vulnerability was found in CodeAstro Online Railway Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/emp-profile-avatar.php of the component Profile Photo Update Handler. The manipulation leads to unrestricted upload. The a...
CVE-2022-33056
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/schedules/manage_schedule.php.
CVE-2024-7912
A vulnerability was found in CodeAstro Online Railway Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/assets/. The manipulation leads to exposure of information through directory listing. The attack can be initiated remotely. T...
CVE-2021-46308
An SQL Injection vulnerability exists in Sourcecodester Online Railway Reservation Sysytem 1.0 via the sid parameter.
CVE-2024-0782
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file pass-profile.php. The manipulation of the argument First Name/Last Name/User Name leads to cross site scripting. The attack can be ini...