vulnerability context

CVE-2023-34487

CVSS 9.8 CRITICALEPSS 49%CWE-89

itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to SQL Injection. SQL injection points exist in the login password input box. This vulnerability can be exploited through time-based blind injection.

Published 2023-06-29 · last modified 2026-06-17

details

CISA KEV status: Not in catalog
CVSS v3: 9.8 / CRITICAL
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 49% percentile (score 0.0072)
CWE: CWE-89
OTX pulses: 0 total, 0 recent

View on NVD → · cve.org

source mentions 1

[CyberHub] 📌 CVE-2023-34487 - itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to SQL Injection....Bluesky:@cyberhub.blog · 4h ago

source consensus

Bluesky:@cyberhub.blog1×

Want the 3-bullet summary of CVE-2023-34487, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →