@haxtheweb/create (>=10.0.0 <=25.0.2), @haxtheweb/open-apis (=11.0.2) +1 more potentially affected by CVE-2026-46391 via @haxtheweb/open-apis (>=10.0.1 <=25.0.0)

@haxtheweb/open-apis NPM version =10.0.1, =10.0.0, =1.0.0, =1.0.7 Source cves: CVE-2026-46391 Source advisory: OSV:GHSA-4FG7-F244-3J49...

@haxtheweb/create (>=0.1.3 <=11.0.2), @haxtheweb/open-apis (=11.0.2) potentially affected by CVE-2025-49139 via @haxtheweb/haxcms-nodejs (>=0.0.13 <=10.0.6)

@haxtheweb/haxcms-nodejs NPM version =0.0.13, =0.1.3, =11.0.2 - @haxtheweb/open-apis =11.0.2 Source cves: CVE-2025-49139 Source advisory: OSV:GHSA-V3PH-2Q5Q-CG88...

CVE-2024-32254

Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via tms/admin/create-package.php. When creating a new package, there is no checks for what types of files are uploaded from the image...

CVE-2024-9815

A vulnerability has been found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/create-package.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack can be...

Codezips Tourist Management System 代码问题漏洞

Codezips Tourist Management System is an open source tourism management system from Codezips. A code issue vulnerability exists in Codezips Tourist Management System version 1.0, which stems from the parameter packageimage in /admin/create-package.php that can lead to unrestricted uploads...

PT-2024-39860 · Codezips · Codezips Tourist Management System

Name of the Vulnerable Software and Affected Versions: Codezips Tourist Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /admin/create-package.php. The manipulation of the packageimage argument leads to...

Tourism Management System 安全漏洞

Tourism Management System is an American website builder for tourism management. A security vulnerability exists in Phpgurukul Tourism Management System version v2.0, which originates from a file upload vulnerability in tms/admin/create-package.php...

CVE-2020-28136

An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page...

SourceCodester Tourism Management System 代码问题漏洞

SourceCodester Tourism Management System is a website builder for tourism management from SourceCodester. SourceCodester Tourism Management System has an arbitrary file upload vulnerability that can be exploited for remote code execution via the admin create-package.php vulnerability page...