Unknown · Online Artwork/Fine Arts Mca Project · CVE-2025-55444
Name of the Vulnerable Software and Affected Versions:
Online Artwork and Fine Arts MCA Project version 1.0
Description:
A SQL injection vulnerability exists in the `id2` parameter of the `cancel booking.php` page. A remote attacker can inject arbitrary SQL queries, leading to database enumeration and potential remote code execution.
Recommendations:
Apply input validation and sanitization to the `id2` parameter in the `cancel booking.php` page to prevent the injection of malicious SQL queries.