Vulnerabilities > CVE-2023-50862 - Unspecified vulnerability in Kashipara Travel Website 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelIDHidden' parameter of the booking.php resource does not validate the characters received and they are sent unfiltered to the database.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |