CVE-2023-53877

Description

Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup_id parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to steal information from the database.

PUBLISHED Reserved 2025-12-13 | Published 2025-12-15 | Updated 2025-12-15 | Assigner VulnCheck

Problem types

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Product status

Credits

nu11secur1ty finder

References

www.exploit-db.com/exploits/51712 (ExploitDB-51712) exploit

www.phpjabbers.com/bus-reservation-system/ (Product Webpage) product

www.vulncheck.com/...le-sql-injection-via-pickupid-parameter (VulnCheck Advisory: Bus Reservation System 1.1 Multiple SQL Injection via pickup_id Parameter) third-party-advisory

cve.org (CVE-2023-53877)

nvd.nist.gov (CVE-2023-53877)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.