CVE-2022-35421

Description

Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the pname parameter at /admin/operations/packages.php.

Related CPE's

References

https://www.yuque.com/docs/share/1bfa94ff-e66c-403c-a3fd-beb35cea7136

CvssV3 impact

CvssV2 impact