CVE-2025-0229
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2025-0229 is a critical vulnerability affecting the Travel Management System 1.0. An attacker can exploit this issue by manipulating the argument pid/t1/t2/t3/t4/t5/t6/t7 in the file /enquiry.php. This leads to SQL injection, allowing the attacker to execute unauthorized queries and potentially gain unauthorized access to sensitive information. The vulnerability can be exploited remotely, meaning an attacker does not need to have physical access to the system to launch an attack. The exploit for this vulnerability has been disclosed to the public, increasing the risk of widespread exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- TRAVEL MANAGEMENT SYSTEM
Affected Vendors
- Code Projects