2 matches found
CVE-2022-41537
Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /useroperations/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-41537
Online Tours & Travels Management System v1.0 is affected by CVE-2022-41537 due to an arbitrary file upload flaw in /user_operations/profile.php that enables remote code execution via a crafted PHP file. The vulnerability stems from an unvalidated file-upload input, allowing an attacker to upload...