Vulnerabilities > CVE-2023-48689 - Unspecified vulnerability in Projectworlds Railway Reservation System 1.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'byname' parameter of the train.php resource does not validate the characters received and they are sent unfiltered to the database.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |