CVE-2024-42765 Information

Description

A SQL injection vulnerability in /login.php\ of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the mail\ or \password\ Login page parameters.

Reference

https://www.kashipara.com/ https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Bus%20Ticket%20Reservation%20System%20v1.0/SQL%20Injection%20-%20Login.pdf