Submit #75063: Online Tours & Travels Management System V1.0 user/forget_password.php email sql injection
Title | Online Tours & Travels Management System V1.0 user/forget_password.php email sql injection |
---|---|
Description | A vulnerability classified as serious has been found in the Online Tours&Travels Management System V 1.0. The vulnerability exists at the login page.This will affect the file user/forget_password.php. The email parameter is directly spliced into the sql statement and executed without any filtering .Operation on parameter email results in sql injection. |
Source | ⚠️ https:/ |
User | muzishouchen (ID 36418) |
Submission | 2023-01-20 18時05分 (1 Year ago) |
Moderation | 2023-01-26 17時58分 (6 days later) |
Accepted | 已接受 |
VulDB Entry | VDB-219336 |