Share:

CVE-2022-40049

Critical 7.5

SQL injection vulnerability in sourcecodester Theme Park Ticketing System 1.0 allows remote attackers to view sensitive information via the id parameter to the /tpts/manage_user.php page.

Published January 6, 2023.

Affected software

Theme Park Ticketing System Project Theme Park Ticketing System

Get alerts for Theme Park Ticketing System Project Theme Park Ticketing System

Reference links

https://github.com/Manba6/Bug_report/blob/main/vendors/oretnom23/theme-park-ticketing-system/SQLi-1.md