PT-2022-19535 · Unknown · Simple Bus Ticket Booking System

Published: 2022-05-11 · Updated: 2022-05-18 · CVE-2022-29317

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Simple Bus Ticket Booking System version 1.0

Description

The issue concerns multiple SQL injection vulnerabilities, which exist via the username and password parameters at the "/assets/partials/ handleLogin.php" API endpoint.

Recommendations

For Simple Bus Ticket Booking System version 1.0, consider disabling the login functionality at the "/assets/partials/ handleLogin.php" endpoint until a patch is available. Restrict access to the username and password parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2022-29317

Affected Products

Simple Bus Ticket Booking System