code-projects Bus Dispatch and Information System view_branch.php sql injection
CVE-2023-2774
6.3MEDIUM
What is CVE-2023-2774?
A SQL injection vulnerability has been discovered in the Bus Dispatch and Information System version 1.0, specifically within the view_branch.php file. The vulnerability allows an attacker, potentially remotely, to manipulate the branchid argument, leading to unauthorized access to the database. This could expose sensitive information or disrupt normal operations. The exploit has been publicly disclosed, increasing the risk of attacks against users still operating this version.
Affected Version(s)
Bus Dispatch and Information System 1.0