CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-33048
https://notcve.org/view.php?id=CVE-2022-33048
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php. Se ha detectado que Online Railway Reservation System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro id en el archivo /orrs/admin/reservations/view_details.php • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/online-railway-reservation-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2021-46308
https://notcve.org/view.php?id=CVE-2021-46308
An SQL Injection vulnerability exists in Sourcecodester Online Railway Reservation Sysytem 1.0 via the sid parameter. Se presenta una vulnerabilidad de inyección SQL en Sourcecodester Online Railway Reservation Sysytem versión 1.0, por medio del parámetro sid • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Online-Railway-Reservation • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •