1 results (0.003 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35378
https://notcve.org/view.php?id=CVE-2020-35378
14 Dec 2020 — SQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields. Una inyección SQL en Online Bus Ticket Reservation versión 1.0, permite a atacantes ejecutar comandos SQL arbitrarios y omitir la autenticación por medio de los campos username y password. • https://www.exploit-db.com/exploits/49212 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •