5 matches found
CVE-2025-9155
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forgetpassword.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to...
CVE-2025-9155 itsourcecode Online Tour and Travel Management System forget_password.php sql injection
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forgetpassword.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to...
CVE-2024-48411
itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection SQLI via a crafted payload to the val-email parameter in forgetpassword.php...
PT-2017-19014 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.1.3-15152 Description: The issue allows remote attackers to enumerate valid usernames via unspecified vectors due to an information exposure vulnerability in forget passwd.cgi...
csam-xss.txt
A XSS vulnerability is identified in C-SAM oneWallet web admin interface. This vulnerability exists in the forget password page. http://myserver:myport/tp/web/oneWallet/user/forgotPassStep2.jsp?loginID=null%22%3e%3cscript%3ealert%22XSS!%22%3c%2fscript%3e Sucessfully tested with Version...