CVE-2026-3705
Status: Received - Intake
SQL Injection in Simple Flight Ticket Booking System Adminsearch.php

Publication date: 2026-03-08

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. This issue affects some unknown processing of the file /Adminsearch.php. Manipulation of the argument flightno results in SQL injection. The attack can be launched remotely. The exploit has been made public and could be used.
Meta Information
Published: 2026-03-08
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2026-03-08
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
1 associated CPE

Vendor | Product | Version / Range
carmelo | simple_flight_ticket_booking_system | 1.0
CWE ID and Description
CWE-74: The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
CWE-89: The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-3705 is a critical SQL injection vulnerability found in version 1.0 of the Simple Flight Ticket Booking System, specifically in the /Adminsearch.php file.

The vulnerability occurs because the application does not properly validate or sanitize the 'flightno' parameter, which is directly used in SQL queries without neutralizing special characters.

This flaw allows attackers to inject malicious SQL code remotely, enabling them to manipulate database queries, retrieve sensitive information such as user credentials and flight data, and potentially modify or delete data.

No authentication is required to exploit this vulnerability, making it easier for attackers to launch attacks. [1, 2, 3, 4]


How can this vulnerability impact me?

This vulnerability can have serious impacts including unauthorized access to the flight booking system's database.

- Attackers can extract sensitive information such as user credentials and flight data.
- They can modify or delete data, compromising data integrity.
- The system's confidentiality, integrity, and availability can be compromised.

Because the attack can be launched remotely without authentication, the risk of exploitation is high. [1, 2, 3, 4]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This SQL injection vulnerability can be detected by testing the 'flightno' parameter in the /Adminsearch.php file for injection points. Tools like sqlmap have been used to confirm the vulnerability by injecting payloads that cause time delays or extract database information.

An example command using sqlmap to detect the vulnerability is:

- sqlmap -u "http://target/Adminsearch.php?flightno=test" --risk=3 --level=5 --dbs

Additionally, manual testing can be done by injecting SQL payloads such as:

- flightno=test' AND (SELECT SLEEP(5))-- 

If the response is delayed, it indicates a time-based blind SQL injection vulnerability.

Vulnerable targets can also be identified using Google dorking with the query: inurl:Adminsearch.php [2, 3]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include:

- Use prepared statements with parameter binding to safely handle the 'flightno' input.
- Implement input validation and filtering to ensure only expected data is processed.
- Employ escaping functions such as mysqli_real_escape_string() to neutralize special characters.

If possible, replace the affected software with a secure alternative or update the software to a version that addresses this vulnerability. [2, 3]
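The following is an added illustration, not code from the Simple Flight Ticket Booking System: it places the CWE-89 pattern described in this record (the request value concatenated into the query) beside the prepared-statement fix recommended above. The table name `flights`, the column `flightno`, the allowed flight-number shape, and the connection parameters are assumptions.

```php
<?php
// Added example (not the project's code). Table `flights`, column `flightno`
// and the flight-number format are assumptions made for illustration.

// Vulnerable pattern: the request value becomes part of the SQL text, so a
// single quote in ?flightno= changes the structure of the statement itself.
function searchFlightsVulnerable(mysqli $db, string $flightno)
{
    $sql = "SELECT * FROM flights WHERE flightno = '" . $flightno . "'";
    return $db->query($sql);
}

// Hardened version: an allow-list check rejects anything that cannot be a
// flight number, and the value is sent as a bound parameter, so the database
// never parses it as SQL regardless of the characters it contains.
function searchFlightsSafe(mysqli $db, string $flightno): array
{
    // Assumed flight-number shape (e.g. "AA123"): 2-10 letters or digits.
    if (!preg_match('/^[A-Za-z0-9]{2,10}$/', $flightno)) {
        throw new InvalidArgumentException('invalid flight number');
    }

    $stmt = $db->prepare('SELECT * FROM flights WHERE flightno = ?');
    $stmt->bind_param('s', $flightno);   // 's': bound as a string value
    $stmt->execute();

    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

// Handler in the style of Adminsearch.php (connection values are placeholders).
$db = new mysqli('localhost', 'DB_USER', 'DB_PASS', 'DB_NAME');
$db->set_charset('utf8mb4');

try {
    $rows = searchFlightsSafe($db, $_GET['flightno'] ?? '');
    header('Content-Type: application/json');
    echo json_encode($rows);
} catch (InvalidArgumentException $e) {
    http_response_code(400);   // reject malformed input instead of querying with it
    echo 'Bad request';
}
```

Escaping with mysqli_real_escape_string(), as the record also mentions, only protects quoted string literals; parameter binding covers every context in which the value appears, which is why it is listed first.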

