CVE-2023-45019

Name of the Vulnerable Software and Affected Versions Online Bus Booking System version 1.0

Description The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the category parameter of the "category.php" resource does not validate the characters received, and they are sent unfiltered to the database. This lack of validation allows for potential SQL injection attacks.

Recommendations For Online Bus Booking System version 1.0, consider validating and filtering the category parameter to prevent SQL injection attacks. As a temporary workaround, restrict access to the "category.php" resource to minimize the risk of exploitation. Ensure that all user input is properly sanitized before being sent to the database.