Approved changes feed: RSS · Atom

cpe:2.3:a:projectworlds_pvt._limited:online_bus_booking_system:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorProjectworlds Pvt. Limited (8e478e47-7374-562d-9dd8-dec161a8c34d)
ProductOnline Bus Booking System (c398861d-1511-5054-a2c2-758aac3de13c)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-45019 vulnerable 2026-06-08 06:12:41.637588 Online Bus Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'category' parameter of the category.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-02T02:19:01.388Z
Updated: 2024-09-05T18:19:41.588Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45018 vulnerable 2026-06-08 06:12:41.637016 Online Bus Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the includes/login.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-02T02:17:35.072Z
Updated: 2024-09-05T19:17:32.810Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45015 vulnerable 2026-06-08 06:12:41.636055 Online Bus Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'date' parameter of the bus_info.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-02T02:14:36.079Z
Updated: 2024-09-04T20:39:47.096Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45012 vulnerable 2026-06-08 06:12:41.634027 Online Bus Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'user_email' parameter of the bus_info.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-02T02:11:43.996Z
Updated: 2024-09-04T20:45:04.878Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.