CVE-2021-25213

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
22/07/2021
Last modified:
29/07/2021

Description

SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the catid parameter to subcat.php.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:travel_management_system_project:travel_management_system:1.0:*:*:*:*:*:*:*