SourceCodester Simple Responsive Tourism Website Registration Master.php sql injection

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component Registration. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.

Basic Information

ID CVE-2026-2848

Source VulDB

Published Feb 20, 2026 at 16:02

Affected Product

Vendor SourceCodester

Product Simple Responsive Tourism Website

Version 1.0

Affected Versions SourceCodester Simple Responsive Tourism Website 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component Registration. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.",
    "published": "2026-02-20T16:02:07.171Z",
    "modified": "2026-02-20T16:02:07.171Z",
    "type": "cve",
    "title": "SourceCodester Simple Responsive Tourism Website Registration Master.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.347084\nhttps://vuldb.com/?ctiid.347084\nhttps://vuldb.com/?submit.753967\nhttps://github.com/anupeng/CVE/issues/1\nhttps://www.sourcecodester.com/",
    "id": "CVE-2026-2848",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "SourceCodester Simple Responsive Tourism Website 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Simple Responsive Tourism Website",
    "version": "1.0",
    "vendor": "SourceCodester",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

SourceCodester Simple Responsive Tourism Website Registration Master.php sql injection_CVE-2026-2848