Wei.Zhang

**Name of the Vulnerable Software and Affected Versions** SourceCodester Online Flight Booking Management System (affected versions not specified) **Description** A critical issue affects some unknown functionality of the file judge panel.php, where the manipulation of the `subevent id` argument leads to sql injection. This issue can be exploited remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Online Flight Booking Management System (affected versions not specified) **Description** A critical issue has been discovered, affecting the file review search.php, specifically the POST Parameter Handler component. The manipulation of the `txtsearch` argument leads to SQL injection. This issue can be exploited remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.