Lucene search
K

78 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:34 a.m.10 views

CVE-2024-41333

A reflected cross-site scripting XSS vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter...

6.1CVSS6AI score0.00508EPSS
Exploits3References1
CVE
CVE
added 2025/11/16 10:32 a.m.26 views

CVE-2025-13247

CVE-2025-13247 affects PHPGurukul Tourism Management System 1.0. The vulnerability is an SQL injection in an unknown function of the file /admin/user-bookings.php, caused by manipulation of the uid argument. It can be exploited remotely, and an exploit has been publicly released. Remediation guid...

9.8CVSS7.2AI score0.00342EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-20622

Malware in sbrugna...

8.8CVSS8.7AI score0.02941EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-39012

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00508EPSS
Exploits3References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-1747

Malicious code in bioql PyPI...

5.3CVSS4.8AI score0.00361EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-27595

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.0148EPSS
Exploits2References3
Exploit DB
Exploit DB
added 2025/09/16 12:0 a.m.92 views

Tourism Management System 2.0 - Arbitrary Shell Upload

Exploit Title: Tourism Management System 2.0 - Arbitrary Shell Upload Date: 2025-10-09 Exploit Author: Debug Security Vendor Homepage: https://kodcloud.com/ Software Link: https://github.com/sohamjuhin/Tourism-Management-System Version: v2.0 Tested on: Windows 11, PHP 8.2.4, Apache 2.4.56 CVE:...

7.2CVSS7AI score0.0148EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/09/12 12:20 a.m.12 views

CVE-2025-57642

A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and execute arbitrary PHP shell scripts on the server, leading to remote code execution and unauthorized access to the system. This can result in the compromise of sensitive data and system functionality...

7.2CVSS8.5AI score0.0148EPSS
Exploits2References1
OSV
OSV
added 2025/09/10 5:15 p.m.5 views

CVE-2025-57642

A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and execute arbitrary PHP shell scripts on the server, leading to remote code execution and unauthorized access to the system. This can result in the compromise of sensitive data and system functionality...

7.2CVSS6.6AI score0.0148EPSS
Exploits2References2
NVD
NVD
added 2025/09/10 5:15 p.m.8 views

CVE-2025-57642

A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and execute arbitrary PHP shell scripts on the server, leading to remote code execution and unauthorized access to the system. This can result in the compromise of sensitive data and system functionality...

7.2CVSS0.0148EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.8 views

PT-2025-37078

Name of the Vulnerable Software and Affected Versions: Tourism Management System version 2.0 Description: A shell upload issue exists in Tourism Management System 2.0, allowing an attacker to upload and execute arbitrary PHP shell scripts on the server. Successful exploitation can lead to remote...

7.8AI score0.0148EPSS
Exploits2References5
Cvelist
Cvelist
added 2025/09/10 12:0 a.m.10 views

CVE-2025-57642

A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and execute arbitrary PHP shell scripts on the server, leading to remote code execution and unauthorized access to the system. This can result in the compromise of sensitive data and system functionality...

0.0148EPSS
Exploits2References2
CNNVD
CNNVD
added 2025/09/10 12:0 a.m.6 views

Tourism-Management-System 安全漏洞

Tourism-Management-System is a visitor management system from the individual developers of SOHAM DAS. A security vulnerability exists in Tourism-Management-System version 2.0 that originates from a shell upload and could lead to remote code execution...

7.2CVSS7.8AI score0.0148EPSS
Exploits2References4
CVE
CVE
added 2025/09/10 12:0 a.m.24 views

CVE-2025-57642

CVE-2025-57642 affects Tourism Management System 2.0 with a shell-upload vulnerability that allows uploading and executing PHP shells, enabling remote code execution and unauthorized access. CVSS v3.1 metrics indicate Network access, Low attack complexity, Privileges required: High, with Confiden...

7.2CVSS8.1AI score0.0148EPSS
Exploits2References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 11:57 a.m.8 views

CVE-2025-0538

A vulnerability, which was classified as problematic, was found in code-projects Tourism Management System 1.0. Affected is an unknown function of the file /admin/manage-pages.php. The manipulation of the argument pgedetails leads to cross site scripting. It is possible to launch the attack...

5.3CVSS6.2AI score0.00361EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:15 a.m.11 views

CVE-2024-32256

Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via /tms/admin/change-image.php. When updating a current package, there are no checks for what types of files are uploaded from the image...

8.1CVSS6.9AI score0.00726EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:35 a.m.6 views

CVE-2024-32254

Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via tms/admin/create-package.php. When creating a new package, there is no checks for what types of files are uploaded from the image...

8.8CVSS6.8AI score0.00758EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:51 p.m.6 views

CVE-2022-30930

Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery CSRF...

4.3CVSS7AI score0.00428EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/20 11:18 p.m.29 views

CVE-2025-4890

A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally is a requirement...

7.8CVSS7.1AI score0.00277EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/20 11:18 p.m.27 views

CVE-2025-4889

A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation of the argument username/password leads to buffer overflow. Local access is required to...

7.8CVSS7.1AI score0.00277EPSS
Exploits1
Rows per page
Query Builder