| Title | Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the email parameter at admin/page-login.php |
|---|
| Description | A vulnerability classified as serious has been found in the Online Tours&Travels Management System. The vulnerability exists at the login.This will affect the file admin/page login.php. When you log in and perform the sql test on the email parameters, you find that the email parameters are directly spliced into the sql statement.Operation on parameter email results in sql injection. |
|---|
| Source | ⚠️ https://github.com/linmoren/online-tours-travels-management-system/blob/main/adminpage-login-email.md |
|---|
| User | muzishouchen (UID 36418) |
|---|
| Submission | 01/16/2023 14:51 (3 years ago) |
|---|
| Moderation | 01/16/2023 15:34 (43 minutes later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 218426 [SourceCodester Online Tours & Travels Management System 1.0 admin/page-login.php email sql injection] |
|---|
| Points | 19 |
|---|