CVE-2026-3723
SQL Injection in Simple Flight Ticket Booking System /Admindelete.php
Publication date: 2026-03-08
Last updated on: 2026-04-29
Assigner: VulDB
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| carmelo | simple_flight_ticket_booking_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-3723 is a critical SQL injection vulnerability found in version 1.0 of the Simple Flight Ticket Booking System, specifically in the /Admindelete.php file.

The vulnerability occurs because the application does not properly sanitize or validate the 'flightno' parameter received via a GET request. This parameter is directly concatenated into an SQL DELETE query without adequate filtering or use of prepared statements.

As a result, an attacker can inject malicious SQL code through the 'flightno' parameter, allowing them to manipulate the SQL query executed by the application.

For example, an attacker could craft a request that deletes all records from the flight table by injecting SQL code that bypasses normal query constraints.

No authentication is required to exploit this vulnerability, and the exploit has been publicly released. [1, 2, 3, 4]
How can this vulnerability impact me?
This vulnerability can have serious impacts including unauthorized access to the database, modification or deletion of data, and exposure of sensitive information.

Because the SQL injection allows attackers to execute arbitrary SQL commands remotely without authentication, it compromises the confidentiality, integrity, and availability of the system.

- Attackers can delete arbitrary records from the database, potentially causing data loss.
- Sensitive information stored in the database may be exposed or altered.
- The system's availability may be disrupted due to malicious database operations.

[1, 2, 3, 4]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the 'flightno' parameter in the /Admindelete.php file for SQL injection flaws. One practical approach is to use automated tools like sqlmap to verify if the parameter is vulnerable to SQL injection.

An example command using sqlmap would be:

- sqlmap -u "http://target/Admindelete.php?flightno=1" --batch --dbs

Additionally, manual testing can be performed by sending crafted HTTP GET requests with SQL injection payloads in the 'flightno' parameter, such as:

- GET /Admindelete.php?flightno=' OR '1'='1'-- -

If the response indicates unexpected behavior like deletion of all records or database errors, it confirms the presence of the vulnerability.

Attackers can also locate vulnerable targets by searching for URLs containing "inurl:Admindelete.php" using Google dorking. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing proper input validation and sanitization for the 'flightno' parameter to prevent SQL injection.

Specifically, the vulnerable code should be replaced with prepared statements using parameter binding to safely handle user input.

- Use prepared statements with parameterized queries instead of directly concatenating user input into SQL commands.
- Apply strict input validation and filtering on the 'flightno' parameter to allow only expected formats (e.g., numeric values).

If immediate code changes are not possible, consider restricting access to the /Admindelete.php endpoint to trusted users or IP addresses as a temporary measure.

Ultimately, replacing the affected component with a secure alternative product is suggested if remediation is not feasible. [1, 2, 3]
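As an added example (not code from the Simple Flight Ticket Booking System; the vulnerable form is reconstructed from the description above, and the table name flight, the session key admin_id and the flight-number format are assumptions): the concatenated DELETE beside the prepared-statement version, with the input validation and access restriction the mitigation advice calls for.

```php
<?php
// Constructed illustration, not the project's code. Assumes a MySQL table
// `flight` with a column `flightno` and a mysqli connection in $conn.

// BEFORE (the pattern CVE-2026-3723 describes): the GET parameter is
// concatenated straight into the DELETE statement, so a value like
// ' OR '1'='1 rewrites the WHERE clause and every row matches.
function deleteFlightVulnerable(mysqli $conn, string $flightno): bool
{
    $sql = "DELETE FROM flight WHERE flightno = '" . $flightno . "'";
    return $conn->query($sql) !== false;
}

// AFTER: validate the parameter's shape, then bind it as data through a
// prepared statement so the database never parses it as SQL.
function deleteFlightSafe(mysqli $conn, string $flightno): int
{
    // Assumed format (adjust to the real schema): 1-10 alphanumerics.
    if (!preg_match('/^[A-Za-z0-9]{1,10}$/', $flightno)) {
        throw new InvalidArgumentException('invalid flightno');
    }
    $stmt = $conn->prepare('DELETE FROM flight WHERE flightno = ?');
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $conn->error);
    }
    $stmt->bind_param('s', $flightno);
    $stmt->execute();
    $affected = $stmt->affected_rows; // rows matching one key, never "all"
    $stmt->close();
    return $affected;
}

// Handler sketch for Admindelete.php: an admin session (assumed key
// admin_id) is required before any database access, then only the safe path.
session_start();
if (empty($_SESSION['admin_id'])) {
    http_response_code(403);
    exit('forbidden');
}
$conn = new mysqli('localhost', 'dbuser', 'dbpass', 'flightdb'); // placeholder credentials
$conn->set_charset('utf8mb4');
try {
    $deleted = deleteFlightSafe($conn, $_GET['flightno'] ?? '');
    echo "rows deleted: $deleted";
} catch (InvalidArgumentException $e) {
    http_response_code(400);
    echo 'bad request';
}
```

With the bound parameter, the page's sample payload is compared literally against the flightno column and matches nothing, and the validation step rejects it before the query is even prepared.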