A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability affects unknown code of the file /enquiry.php. The manipulation of the argument t2 leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
oryginał ENCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XProjectworlds Travel Management System
APPProjectworlds1.0
Powiązane podatności
SQL Injection w Travel Management System — ominięcie uwierzytelniania
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Pro...
SQL Injection vulnerability in projectworlds Travel management System v.1.0 allows a remote attacker to execut...
A vulnerability was found in projectworlds Travel Management System 1.0. This issue affects some unknown proce...
A vulnerability was determined in projectworlds Travel Management System 1.0. Impacted is an unknown function ...