CVE-2024-10154

Name of the Vulnerable Software and Affected Versions PHPGurukul Boat Booking System version 1.0

Description A critical issue was found in the PHPGurukul Boat Booking System, affecting some unknown functionality of the file status.php of the component Check Booking Status Page. The manipulation of the emailid argument leads to SQL injection. The attack may be launched remotely.

Recommendations For PHPGurukul Boat Booking System version 1.0, as a temporary workaround, consider restricting access to the status.php file or disabling the Check Booking Status Page functionality until a patch is available. Avoid using the emailid argument in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.