Littlewhite

**Name of the Vulnerable Software and Affected Versions** PHPGurukul Tourism Management System version 1.0 **Description** A security flaw exists in PHPGurukul Tourism Management System 1.0. The issue is related to SQL injection within an unknown function of the file `/admin/user-bookings.php`. Manipulation of the `uid` argument can trigger the injection. The attack can be launched remotely, and an exploit has been publicly released. **Recommendations** Apply any available updates or patches for the software. As a temporary workaround, restrict access to the `/admin/user-bookings.php` file. Sanitize the `uid` input to prevent SQL injection attacks.