cvedb.io
CVE-2026-3746
HIGH · CVSS 7.3
EPSS exploitation probability: 0%
Published 2026-03-08T16:16:01.600 · Last modified 2026-06-17T10:44:07.903

Summary

A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of the component Login. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.

Affected products

oretnom23 — simple_responsive_tourism_website

Does this affect you?

Add your gear to cvedb and we'll alert you only when oretnom23 ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.