First published: Wed Jun 15 2022(Updated: )
Theme Park Ticketing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edit_ticket.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Theme Park Ticketing System Project Theme Park Ticketing System | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-32302 is a SQL injection vulnerability discovered in Theme Park Ticketing System v1.0.
CVE-2022-32302 allows attackers to perform SQL injection via the 'id' parameter in edit_ticket.php.
By exploiting CVE-2022-32302, an attacker can manipulate the SQL queries, potentially gaining unauthorized access to or modifying the ticketing system's database.
To fix CVE-2022-32302, you should sanitize user input and use prepared statements or parameterized queries to prevent SQL injection vulnerabilities.
Check with the vendor or developer of Theme Park Ticketing System v1.0 for any available patches or updates that address CVE-2022-32302.