CVE-2023-53877
CRIT 9.8Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup_id parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to steal information from the database.
Affected Applications in Environment
12
php
v2:8.4+101~+ubuntu24.04.1+deb.sury.org+1
8 devices
php
v2:8.4+100~+ubuntu24.04.1+deb.sury.org+1
1 device
php
v5.4.16-48.el7
1 device
php
v2:7.4+75
3 devices
php
v2:8.4+101~+ubuntu22.04.1+deb.sury.org+1
1 device
php
v2:8.2+93
1 device
php
v1:7.0+35ubuntu6.1
1 device
php
v2:8.4+96+ubuntu20.04.1+deb.sury.org+1
1 device
php
v2:8.4+100~+ubuntu22.04.1+deb.sury.org+1
1 device
php
v2:8.1+92ubuntu1
1 device
php
v2:8.3+93ubuntu2
5 devices
php
v1:7.2+60ubuntu1
1 device
Affected Devices
25
aggietower
Linux
ah-ots
Linux
cceredcapweb
Linux
guru.cluster
Linux
kena-utility
Linux
my1
Linux
mysql02
Linux
privatebin
Linux
rcbd
Linux
rcdb-dev
Linux
redcapweb
Linux
sys-serv-l-301-data
Linux
web04a
Linux
web06
Linux
web08.usu.edu
Linux
web11.usu.edu
Linux
web13.usu.edu
Linux
web14.usu.edu
Linux
web20
Linux
web22
Linux
web28
Linux
web29.usu.edu
Linux
web30.usu.edu
Linux
web37.usu.edu
Linux
webs.usu.edu
Linux