PHPGurukul Rail Pass Management System POST Request view-pass-detail.php sql injection
CVE-2023-3275

6.3MEDIUM

Key Information:

Vendor: PHPgurukul
Status: Rail Pass Management System
Vendor: CVE Published:; 15 June 2023

Summary

A vulnerability classified as critical was found in PHPGurukul Rail Pass Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view-pass-detail.php of the component POST Request Handler. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The identifier VDB-231625 was assigned to this vulnerability.

Affected Version(s)

Rail Pass Management System 1.0

References

https://vuldb.com/?id.231625

vdb-entrytechnical-description

https://vuldb.com/?ctiid.231625

signature

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 15, 2023
Vulnerability Reserved
Jun 15, 2023

Collectors

NVD DatabaseMitre Database

Credit

scumdestroy (VulDB User)