PT-2024-39553 · Sourcecodester · Sourcecodester Online Railway Reservation System

Guru · Published 2024-09-28 · Updated 2024-10-01 · CVE-2024-9298

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

SourceCodester Online Railway Reservation System version 1.0

Description

A vulnerability was found in the Ticket Handler component, affecting some unknown functionality of the file /?page=tickets. Manipulating the id argument leads to improper access controls, and the attack can be carried out remotely. The exploit has been disclosed to the public and may be used.

Recommendations

For SourceCodester Online Railway Reservation System version 1.0, consider restricting access to the /?page=tickets endpoint until a patch is available. As a temporary workaround, avoid using the id argument in the affected Ticket Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Access Control

IDOR

Weakness Enumeration

Related Identifiers

CVE-2024-9298

Affected Products

Sourcecodester Online Railway Reservation System