Online Tours & Travels Management System is an online travel management system from the personal developer Mayuri K. A SQL injection vulnerability exists in Online Tours & Travels Management System v1.0, which stems from a lack of validation of externally entered SQL statements in the id parameter of its /admin/update_expense.php component. An attacker could exploit the vulnerability to obtain sensitive database information.
CPE | Name | Operator | Version |
---|---|---|---|
mayuri k. online tours & travels management system v | eq | 1.0 |