Online Tours and Travels Management System 1.0 - SQL Injection via Forget Password Email Parameter
itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection (SQLI) via a crafted payload to the val-email parameter in forget_password.php.