CVE-2026-3723

HIGH

Simple Flight Ticket Booking System 1.0 - SQL Injection

Title source: llm

Description

A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /Admindelete.php. The manipulation of the argument flightno results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.

References (6)

Scores

CVSS v3 7.3
EPSS 0.0005
EPSS Percentile 16.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE
CWE-89 CWE-74
Status published
Products (1)
carmelo/simple_flight_ticket_booking_system 1.0
Published Mar 08, 2026
Tracked Since Mar 08, 2026