Security Advisory
CVE-2025-55444
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
A SQL injection vulnerability exists in the id2 parameter of the cancel_booking.php page in Online Artwork and Fine Arts MCA Project 1.0. A remote attacker can inject arbitrary SQL queries, leading to database enumeration and potential remote code execution.