|
Description
|
|
A vulnerability has been identified in Venalsur On-line Booking Centre, which could be exploited by attackers to manipulate and inject SQL queries. This issue is caused by an input validation error in the "cadena_ofertas_ext.php" script when processing the "OfertaID" parameter, which could be exploited by malicious people to conduct SQL injection attacks and gain knowledge of sensitive information.
This input validation error could also be exploited to conduct cross site scripting attacks.
|
