Online Bus Booking System
Approved changes feed: RSS · Atom
cpe:2.3:a:projectworlds_pvt._limited:online_bus_booking_system:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Projectworlds Pvt. Limited (8e478e47-7374-562d-9dd8-dec161a8c34d) |
|---|---|
| Product | Online Bus Booking System (c398861d-1511-5054-a2c2-758aac3de13c) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-45019 |
vulnerable | 2026-06-08 06:12:41.637588 |
Online Bus Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'category' parameter of the category.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-02T02:19:01.388Z
Updated: 2024-09-05T18:19:41.588Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45018 |
vulnerable | 2026-06-08 06:12:41.637016 |
Online Bus Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the includes/login.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-02T02:17:35.072Z
Updated: 2024-09-05T19:17:32.810Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45015 |
vulnerable | 2026-06-08 06:12:41.636055 |
Online Bus Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'date' parameter of the bus_info.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-02T02:14:36.079Z
Updated: 2024-09-04T20:39:47.096Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45012 |
vulnerable | 2026-06-08 06:12:41.634027 |
Online Bus Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CRITICAL (9.8)
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'user_email' parameter of the bus_info.php resource does not validate the characters received and they are sent unfiltered to the database.
Published: 2023-11-02T02:11:43.996Z
Updated: 2024-09-04T20:45:04.878Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.