What is the severity of CVE-2023-48687?

CVE-2023-48687 has been classified as a critical vulnerability due to multiple unauthenticated SQL injection vulnerabilities.

How do I fix CVE-2023-48687?

To fix CVE-2023-48687, implement input validation and parameterized queries to sanitize user inputs before processing them.

Which versions of the Railway Reservation System are affected by CVE-2023-48687?

CVE-2023-48687 affects version 1.0 of the Railway Reservation System.

What are the risks associated with CVE-2023-48687?

The risks associated with CVE-2023-48687 include unauthorized access to the database and potential data manipulation or leakage.

How can I confirm if my system is vulnerable to CVE-2023-48687?

You can confirm if your system is vulnerable to CVE-2023-48687 by testing the input fields of the reservation.php resource for SQL injection exploits.

Vulnerability/
CVE-2023-48687

critical

9.8

CWE

21/12/2023

2/8/2024

CVE-2023-48687: Railway Reservation System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

First published: Thu Dec 21 2023(Updated: )

Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'from' parameter of the reservation.php resource does not validate the characters received and they are sent unfiltered to the database.

Credit: help@fluidattacks.com

Affected Software	Affected Version	How to fix
Projectworlds Railway Reservation System	=1.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-48687?
CVE-2023-48687 has been classified as a critical vulnerability due to multiple unauthenticated SQL injection vulnerabilities.
How do I fix CVE-2023-48687?
To fix CVE-2023-48687, implement input validation and parameterized queries to sanitize user inputs before processing them.
Which versions of the Railway Reservation System are affected by CVE-2023-48687?
CVE-2023-48687 affects version 1.0 of the Railway Reservation System.
What are the risks associated with CVE-2023-48687?
The risks associated with CVE-2023-48687 include unauthorized access to the database and potential data manipulation or leakage.
How can I confirm if my system is vulnerable to CVE-2023-48687?
You can confirm if your system is vulnerable to CVE-2023-48687 by testing the input fields of the reservation.php resource for SQL injection exploits.

agent/references
agent/type
agent/event
agent/softwarecombine
agent/first-publish-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/severity
agent/weakness
agent/title
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/source
vendor/projectworlds
canonical/projectworlds railway reservation system
version/projectworlds railway reservation system/1.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.