Enviar #825939: code-projects Hotel and Tourism Reservation System 1.0 SQL Injectioninformación

Títulocode-projects Hotel and Tourism Reservation System 1.0 SQL Injection
DescripciónA critical SQL Injection vulnerability exists in the tour GET parameter of tour.php in Hotel and Tourism Reservation System 1.0. The parameter is passed directly into a raw SQL query with no sanitization, no prepared statements, and no input validation. An unauthenticated remote attacker can manipulate the query to extract, modify, or delete any data in the database. The vulnerability was confirmed by a full database dump using sqlmap.
Fuente⚠️ https://github.com/Xmyronn/Hotel-and-Tourism-Reservation-System---Unauthenticated-SQL-Injection.git
Usuario
 imad alvi (UID 97088)
Sumisión2026-05-11 20:55 (hace 25 días)
Moderación2026-05-31 18:41 (20 days later)
EstadoAceptado
Entrada de VulDB367583 [code-projects Hotel and Tourism Reservation System 1.0 GET Parameter tour.php tour inyección SQL]
Puntos20

AnteriorVisión De ConjuntoPróximo

Want to know what is going to be exploited?

We predict KEV entries!