CVE-2022-43050

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component updateprofile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

Privilege escalation

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component updateprofile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43050

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component updateprofile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43061

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /operations/travellers.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43061

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /operations/travellers.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43083

An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

Design/Logic Flaw

An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

Design/Logic Flaw

An arbitrary file upload vulnerability in addproduct.php of Restaurant POS System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43083

An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43083

An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43085

An arbitrary file upload vulnerability in addproduct.php of Restaurant POS System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43083

CVE-2022-43083 affects Vehicle Booking System v1.0 via an arbitrary file upload in admin-add-vehicle.php that allows code execution through a crafted PHP file. The base vulnerability is confirmed across multiple sources (NVD/Red Hat/CNVD/CVE list). CVSS v3.1 base score 7.2 (High): network attack ...

CVE-2022-43085

CVE-2022-43085 affects Restaurant POS System v1.0, specifically the add_product.php file. The vulnerability is an arbitrary file upload that lets an attacker execute arbitrary PHP code by uploading a crafted file. According to multiple sources, this can lead to remote code execution with likely h...

Design/Logic Flaw

Mail SQR Expert system has a Local File Inclusion vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP file with .asp file extension under specific system paths, to access and modify partial system information but does not affect service...

Design/Logic Flaw

Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/managewebsite.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43275

Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/phpaction/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43275

Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/phpaction/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43231

Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/managewebsite.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43231

Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/managewebsite.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43275

Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/phpaction/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...