SQL Injection Vulnerability in Online Bus Ticket Reservation by Online Bus
CVE-2020-35378
9.8CRITICAL
Key Information:
- Vendor
- CVE Published:
- 14 December 2020
What is CVE-2020-35378?
The Online Bus Ticket Reservation system version 1.0 has a significant security flaw that exposes users to SQL Injection attacks. This vulnerability resides in the login page, where attackers can input malicious SQL commands through the username and password fields. By exploiting this weakness, an attacker can potentially bypass authentication mechanisms, gaining unauthorized access to system functionalities and sensitive data. Security measures should be implemented to mitigate this issue and protect user information.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved