Vulnerability CVE-2023-45017


Published: 2023-11-02

Description:
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'destination' parameter of the search.php resource does not validate the characters received and they are sent unfiltered to the database.

Type:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

 References:
https://fluidattacks.com/advisories/oconnor
https://projectworlds.in/

Copyright 2026, cxsecurity.com

 

Back to Top