22 matches found
EUVD-2025-24860
Malicious code in bioql PyPI...
EUVD-2025-24984
Malicious code in bioql PyPI...
EUVD-2025-28851
Malicious code in bioql PyPI...
CVE-2025-9425
A security flaw has been discovered in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /enquiry.php. Performing manipulation of the argument pid results in sql injection. The attack is possible to be carried out remotely...
CVE-2025-9154
A flaw has been found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /user/page-login.php. This manipulation of the argument email causes sql injection. The attack may be initiated remotely. The exploit has been published and m...
CVE-2025-9154
A flaw has been found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /user/page-login.php. This manipulation of the argument email causes sql injection. The attack may be initiated remotely. The exploit has been published and m...
CVE-2025-9153
A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit ...
CVE-2025-9154
The CVE-2025-9154 entry concerns itsourcecode Online Tour and Travel Management System version 1.0. The vulnerability is a SQL injection in the file /user/page-login.php via manipulation of the email parameter, which can be exploited remotely. Multiple connected sources corroborate the flaw and i...
CVE-2025-9153 itsourcecode Online Tour and Travel Management System travellers.php unrestricted upload
A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit ...
CVE-2025-8983
A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expensefor leads to sql injection. The attack may be initiated remotely. The exploit...
CVE-2025-8971
A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploi...
CVE-2025-9010 itsourcecode Online Tour and Travel Management System booking_report.php sql injection
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/bookingreport.php. The manipulation of the argument fromdate leads to sql injection. The attack can be launched remotely. The explo...
CVE-2025-9009 itsourcecode Online Tour and Travel Management System email_setup.php sql injection
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/emailsetup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
CVE-2025-9008 itsourcecode Online Tour and Travel Management System sms_setting.php sql injection
A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/smssetting.php. The manipulation of the argument uname leads to sql injection. The attack may be initiated remotely. The exploit has been...
PT-2025-33439 · Itsourcecode · Itsourcecode Online Tour/Travel Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A vulnerability was identified in the processing of the file /admin/sms setting.php. Manipulation of the uname argument leads to a SQL injection. The attack may be...
PT-2025-33441 · Itsourcecode · Itsourcecode Online Tour/Travel Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection vulnerability exists in itsourcecode Online Tour and Travel Management System 1.0. The vulnerability is located in an unknown function within the...
CVE-2025-8981
The CVE-2025-8981 entry concerns itsourcecode Online Tour and Travel Management System 1.0. A SQL injection flaw exists in the /admin/operations/payment.php file, caused by unsafely handling the payment_type parameter. The vulnerability is remotely exploitable and has publicly disclosed exploits....
CVE-2025-8971 itsourcecode Online Tour and Travel Management System travellers.php sql injection
A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploi...
CVE-2025-8971 itsourcecode Online Tour and Travel Management System travellers.php sql injection
A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploi...
CVE-2025-8967 itsourcecode Online Tour and Travel Management System packages.php sql injection
A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...