CNNVD-202512-2640 Information

CNNVD ID

CNNVD-202512-2640

Related CVE

CVE-2023-53877

• CNNVD Published: 2025-12-15

Description (Chinese)

Bus Reservation System是PHPJabbers开源的一个巴士预约系统。 Bus Reservation System 1.1版本存在SQL注入漏洞，该漏洞源于pickup_id参数存在SQL注入，可能导致操纵数据库查询并窃取信息。

Description (English)

Bus Supply System is a bus reservation system open to PHP Jabbers. There is an SQL-injection loophole in version 1.1 of Bus Supply System, which originates from the Pickup id parameter-injection of SQL, which may lead to manipulation of the database search and theft of information.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

PHPJabbers

Published

2025-12-15

Last Modified

2026-02-24

References

https://www.phpjabbers.com/bus-reservation-system/ https://www.exploit-db.com/exploits/51712 https://www.vulncheck.com/advisories/bus-reservation-system-multiple-sql-injection-via-pickupid-parameter https://access.redhat.com/security/cve/cve-2023-53877