9 matches found
@haxtheweb/create (>=10.0.0 <=26.0.0), @haxtheweb/open-apis (>=11.0.2 <=26.0.0) potentially affected by CVE-2026-46391 via @haxtheweb/open-apis (>=10.0.1 <=25.0.0)
@haxtheweb/open-apis NPM version =10.0.1, =10.0.0, =11.0.2, =26.0.0 Source cves: CVE-2026-46391 Source advisory: OSV:GHSA-4FG7-F244-3J49...
@haxtheweb/create (>=0.1.3 <=11.0.2), @haxtheweb/open-apis (=11.0.2) potentially affected by CVE-2025-49139 via @haxtheweb/haxcms-nodejs (>=0.0.13 <=10.0.6)
@haxtheweb/haxcms-nodejs NPM version =0.0.13, =0.1.3, =11.0.2 - @haxtheweb/open-apis =11.0.2 Source cves: CVE-2025-49139 Source advisory: OSV:GHSA-V3PH-2Q5Q-CG88...
CVE-2024-32254
Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via tms/admin/create-package.php. When creating a new package, there is no checks for what types of files are uploaded from the image...
CVE-2024-9815
A vulnerability has been found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/create-package.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack can be...
PT-2024-39860 · Codezips · Codezips Tourist Management System
Name of the Vulnerable Software and Affected Versions: Codezips Tourist Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /admin/create-package.php. The manipulation of the packageimage argument leads to...
Codezips Tourist Management System 代码问题漏洞
Codezips Tourist Management System is an open source tourism management system from Codezips. A code issue vulnerability exists in Codezips Tourist Management System version 1.0, which stems from the parameter packageimage in /admin/create-package.php that can lead to unrestricted uploads...
Tourism Management System 安全漏洞
Tourism Management System is an American website builder for tourism management. A security vulnerability exists in Phpgurukul Tourism Management System version v2.0, which originates from a file upload vulnerability in tms/admin/create-package.php...
CVE-2020-28136
An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page...
SourceCodester Tourism Management System 代码问题漏洞
SourceCodester Tourism Management System is a website builder for tourism management from SourceCodester. SourceCodester Tourism Management System has an arbitrary file upload vulnerability that can be exploited for remote code execution via the admin create-package.php vulnerability page...