Soumettre #690978: travel-agency web 1 SQL Injection Vulnerabilityinformation

Titretravel-agency web 1 SQL Injection Vulnerability
DescriptionTravel Agency v.1.0 is vulnerable to an SQL Injection vulnerability. The code directly concatenates the user-controllable variable $get_id (retrieved from $_GET['edit_pack']) into the SQL statement without any filtering or preprocessing, allowing attackers to construct injection payloads via the edit_pack parameter.
La source⚠️ https://github.com/www223-ai/CVE/blob/main/travel-sql.docx
Utilisateur
 www234 (UID 92385)
Soumission07/11/2025 14:52 (il y a 5 mois)
Modérer22/11/2025 15:55 (15 days later)
StatutAccepté
Entrée VulDB333312 [ashraf-kabir travel-agency /admin_area/index.php edit_pack injection SQL]
Points19

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!