CVE-2025-9008

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/smssetting.php. The manipulation of the argument uname leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-9008

The CVE-2025-9008 entry concerns itsourcecode Online Tour and Travel Management System 1.0. Vulnerability: SQL injection via the uname parameter in the file /admin/sms_setting.php, allowing remote exploitation. Multiple connected sources corroborate the same flaw, with impact described as high fo...

itsourcecode Online Tour and Travel Management System 注入漏洞

itsourcecode Online Tour and Travel Management System is itsourcecode open source an online tour and travel management system . An injection vulnerability exists in version 1.0 of itsourcecode Online Tour and Travel Management System, which is caused by incorrect manipulation of the parameter una...

CVE-2024-7038 Information Disclosure in open-webui/open-webui

An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...

CVE-2022-3464

A vulnerability classified as problematic has been found in puppyCMS up to 5.1. This affects an unknown part of the file /admin/settings.php. The manipulation of the argument sitename leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this...