Описание
SQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:online_bus_ticket_reservation_project:online_bus_ticket_reservation:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00537
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
SQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields.
EPSS
Процентиль: 67%
0.00537
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89