Vulnerability Details CVE-2023-31945
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the id parameter at daily_expenditure_edit.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.6%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2023-31945
-
cpe:2.3:a:online_travel_agency_system_project:online_travel_agency_system:1.0