Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /user/update_booking.php.Referenceshttps://github.com/ouoer/bug_report/blob/main/vendors/mayuri_k/online-tours-travels-management-system/SQLi-1.md
