Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.1
Simple Flight Ticket Booking System SQL Injection Vulnerability
CVE-2026-3710
Summary
A security flaw in the Simple Flight Ticket Booking System allows hackers to inject malicious code into the system, potentially stealing sensitive information. This affects the system's /Adminadd.php page, and hackers can exploit it remotely. To protect your system, update to a fixed version of the software as soon as possible.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| carmelo | simple_flight_ticket_booking_system | 1.0 | – |
Original title
A security vulnerability has been detected in code-projects Simple Flight Ticket Booking System 1.0. This impacts an unknown function of the file /Adminadd.php. The manipulation of the argument fli...
Original description
A security vulnerability has been detected in code-projects Simple Flight Ticket Booking System 1.0. This impacts an unknown function of the file /Adminadd.php. The manipulation of the argument flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
nvd CVSS2.0
5.8
nvd CVSS3.1
4.7
nvd CVSS4.0
5.1
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 8 Mar 2026 · Updated: 13 Mar 2026 · First seen: 8 Mar 2026