Anudeep Kadambala

CVE-2025-55444 WRITEUP CRITICAL WRITEUP

Online Artwork & Fine Arts MCA Project 1.0 - SQL Injection

A SQL injection vulnerability exists in the id2 parameter of the cancel_booking.php page in Online Artwork and Fine Arts MCA Project 1.0. A remote attacker can inject arbitrary SQL queries, leading to database enumeration and potential remote code execution.

CVSS 9.8

View Code