Tripexpress is an open source bus tour travel booking management web application by Shpetim Islami, an Austrian individual developer. tripexpress suffers from a path traversal vulnerability, which originates from the assignment of $_SERVER[argv ] assigned to src, the lack of effective filtering and validation, an attacker can use the vulnerability to cause path manipulation.
CPE | Name | Operator | Version |
---|---|---|---|
tripexpress tripexpress | eq | 1.1 |