Vulnerability CVE-2023-45013


Published: 2023-11-02

Description:
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'user_query' parameter of the bus_info.php resource does not validate the characters received and they are sent unfiltered to the database.

Type:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

 References:
https://fluidattacks.com/advisories/oconnor
https://projectworlds.in/

Copyright 2026, cxsecurity.com

 

Back to Top