10 matches found
EUVD-2024-32947
Malicious code in bioql PyPI...
EUVD-2025-14991
Malicious code in bioql PyPI...
CVE-2025-4156 PHPGurukul Boat Booking System change-image.php sql injection
A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-image.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-4156 PHPGurukul Boat Booking System change-image.php sql injection
A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-image.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2024-51208
File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0 allows local attackers to upload a malicious PHP script via the Image Upload Mechanism parameter...
CVE-2024-10161
A vulnerability, which was classified as critical, was found in PHPGurukul Boat Booking System 1.0. This affects an unknown part of the file change-image.php of the component Update Boat Image Page. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate th...
CVE-2024-10161 PHPGurukul Boat Booking System Update Boat Image Page change-image.php unrestricted upload
A vulnerability, which was classified as critical, was found in PHPGurukul Boat Booking System 1.0. This affects an unknown part of the file change-image.php of the component Update Boat Image Page. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate th...
CVE-2024-9816 Codezips Tourist Management System change-image.php unrestricted upload
A vulnerability was found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/change-image.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack may be launched remotely...
CVE-2024-9816 Codezips Tourist Management System change-image.php unrestricted upload
A vulnerability was found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/change-image.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack may be launched remotely...
PT-2024-24473
Name of the Vulnerable Software and Affected Versions Phpgurukul Tourism Management System version 2.0 Description The issue allows for Unrestricted Upload of File with Dangerous Type via the "/tms/admin/change-image.php" API endpoint. When updating a current package, there are no checks for what...