CVE-2025-8982

A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument currcode leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-8983

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expensefor leads to sql injection. The attack may be initiated remotely. The exploit...

CVE-2025-8983

The CVE-2025-8983 entry concerns itsourcecode Online Tour and Travel Management System 1.0. A SQL injection vulnerability exists in /admin/operations/expense.php via the expense_for parameter. Exploitation is possible remotely, and public exploits have been disclosed. Connected sources corroborat...

CVE-2025-8983 itsourcecode Online Tour and Travel Management System expense.php sql injection

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expensefor leads to sql injection. The attack may be initiated remotely. The exploit...

CVE-2025-8983 itsourcecode Online Tour and Travel Management System expense.php sql injection

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expensefor leads to sql injection. The attack may be initiated remotely. The exploit...

CVE-2025-8982 itsourcecode Online Tour and Travel Management System currency.php sql injection

A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument currcode leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-8982 itsourcecode Online Tour and Travel Management System currency.php sql injection

A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument currcode leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-8981

The CVE-2025-8981 entry concerns itsourcecode Online Tour and Travel Management System 1.0. A SQL injection flaw exists in the /admin/operations/payment.php file, caused by unsafely handling the payment_type parameter. The vulnerability is remotely exploitable and has publicly disclosed exploits....

CVE-2025-8972

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-8972 itsourcecode Online Tour and Travel Management System page-login.php sql injection

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-8971

A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploi...

CVE-2025-8968

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapproveuser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The explo...

CVE-2025-8971 itsourcecode Online Tour and Travel Management System travellers.php sql injection

A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploi...

CVE-2025-8971 itsourcecode Online Tour and Travel Management System travellers.php sql injection

A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploi...

CVE-2025-8971

CVE-2025-8971 affects itsourcecode Online Tour and Travel Management System 1.0, with a SQL injection in /admin/operations/travellers.php via the val-username parameter. Exploitation is remote and publicly disclosed; a related exploit repo shows remote code execution via file upload after injecti...

CVE-2025-8970

CVE-2025-8970 affects itsourcecode Online Tour and Travel Management System 1.0. The vulnerability is in the file /admin/operations/booking.php, where manipulation of the ID parameter enables an SQL injection. The issue is exploitable remotely, with public disclosure of the exploit noted in multi...

CVE-2025-8969

The CVE-2025-8969 issue affects itsourcecode Online Tour and Travel Management System 1.0, specifically its /admin/approve_user.php functionality. The vulnerability is a SQL injection caused by manipulation of the ID parameter, exploitable remotely. Multiple connected sources corroborate a public...

CVE-2025-8968

Summary: CVE-2025-8968 affects itsourcecode Online Tour and Travel Management System 1.0. A vulnerable function in the admin path (/admin/disapprove_user.php) allows SQL injection through the ID parameter. Exploitation is described as remote, with the exploit disclosed publicly. What’s affected: ...

CVE-2025-8968 itsourcecode Online Tour and Travel Management System disapprove_user.php sql injection

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapproveuser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The explo...

CVE-2025-8968 itsourcecode Online Tour and Travel Management System disapprove_user.php sql injection

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapproveuser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The explo...