CVE-2020-25889

Name of the Vulnerable Software and Affected Versions Online Bus Booking System Project Using PHP/MySQL version 1.0

Description The issue allows remote attackers to bypass authentication and execute arbitrary SQL commands via the login page by placing a SQL injection payload. This can lead to attackers gaining admin privileges.

Recommendations For Online Bus Booking System Project Using PHP/MySQL version 1.0, consider validating and sanitizing user input on the login page to prevent SQL injection attacks. As a temporary workaround, restrict access to the login page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.