Submit #75063: Online Tours & Travels Management System V1.0 user/forget_password.php email sql injection
| Title | Online Tours & Travels Management System V1.0 user/forget_password.php email sql injection |
|---|---|
| Description | A vulnerability classified as serious has been found in the Online Tours&Travels Management System V 1.0. The vulnerability exists at the login page.This will affect the file user/forget_password.php. The email parameter is directly spliced into the sql statement and executed without any filtering .Operation on parameter email results in sql injection. |
| Source | ⚠️ https:/ |
| User | muzishouchen (ID 36418) |
| Submission | 2023-01-20 18時05分 (1 Year ago) |
| Moderation | 2023-01-26 17時58分 (6 days later) |
| Accepted | 已接受 |
| VulDB Entry | VDB-219336 |