4 matches found
CVE-2025-13344
CVE-2025-13344 affects SourceCodester Train Station Ticketing System 1.0. The vulnerability is a SQL injection in the /ajax.php?action=login handler, triggered by manipulating the Username parameter, with remote access and a public exploit. Impact is reported as high/critical on confidentiality, ...
CVE-2025-13345
CVE-2025-13345 affects SourceCodester Train Station Ticketing System 1.0. The vulnerability resides in the web application file /ajax.php?action=save_ticket, where manipulation of the action parameter leads to a SQL injection. It is exploitable remotely and has publicly disclosed exploits. Connec...
CVE-2025-13346
CVE-2025-13346 affects SourceCodester Train Station Ticketing System v1.0. The vulnerability is in /ajax.php?action=save_station where manipulating id/station enables SQL injection. Reported as exploitable remotely with a public exploit; CVSS data indicate high/confidentiality/ integrity/availabi...
CVE-2025-13347
The CVE-2025-13347 affects SourceCodester Train Station Ticketing System 1.0. The vulnerability resides in the /ajax.php?action=save_user path where manipulating the Username parameter can trigger a SQL injection. Attacks can be launched remotely and exploits have been published, with multiple so...