4 matches found
EUVD-2025-31459
Malicious code in bioql PyPI...
CVE-2025-11103
CVE-2025-11103 affects Projectworlds Online Tours and Travels 1.0. The vulnerability is in the /admin/change-image.php file, where manipulating the packageimage argument leads to unrestricted file uploads. Attacks may be initiated remotely, and the exploit has been publicly disclosed. Several sou...
PT-2024-34560 · Unknown · Anuj Kumar'S Boat Booking System
Name of the Vulnerable Software and Affected Versions: Anuj Kumar's Boat Booking System version 1.0 Description: The issue allows local attackers to upload a malicious PHP script via the Image Upload Mechanism parameter in the change-image.php file. This enables attackers to potentially execute...
CVE-2024-10161
A vulnerability, which was classified as critical, was found in PHPGurukul Boat Booking System 1.0. This affects an unknown part of the file change-image.php of the component Update Boat Image Page. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate th...