Lucene search
+L

20 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:34 a.m.12 views

CVE-2024-41333

A reflected cross-site scripting XSS vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter...

6.1CVSS6AI score0.00538EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/11/17 11:13 a.m.11 views

CVE-2025-13247

A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS7.2AI score0.00377EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/16 12:30 p.m.7 views

EUVD-2025-197728

A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS6.5AI score0.00377EPSS
Exploits1References6
OSV
OSV
added 2025/11/16 11:15 a.m.5 views

CVE-2025-13247

A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS5.7AI score
Exploits0References5
NVD
NVD
added 2025/11/16 11:15 a.m.14 views

CVE-2025-13247

A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS0.00377EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/11/16 12:0 a.m.13 views

PT-2025-47082

Name of the Vulnerable Software and Affected Versions PHPGurukul Tourism Management System version 1.0 Description A security flaw exists in PHPGurukul Tourism Management System 1.0. The issue is related to SQL injection within an unknown function of the file /admin/user-bookings.php. Manipulatio...

9.8CVSS7.5AI score0.00377EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-39012

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00538EPSS
Exploits3References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-17547

Malicious code in bioql PyPI...

6.1CVSS4AI score0.00424EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:15 a.m.12 views

CVE-2024-32256

Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via /tms/admin/change-image.php. When updating a current package, there are no checks for what types of files are uploaded from the image...

8.1CVSS6.9AI score0.00726EPSS
Exploits1References1
0day.today
0day.today
added 2024/08/07 12:0 a.m.152 views

Tourism Management System 2.0 Cross Site Scripting Vulnerability

Exploit Title: Tourism Management System v2.0 - Cross Site Scripting XSS Exploit Author: Sampath kumar kadajari Vendor Homepage: https://phpgurukul.com/tourism-management-system-free-download/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=7204 Version: v2.0 CVE:...

6.1CVSS7.4AI score0.00538EPSS
Exploits3
OSV
OSV
added 2024/08/06 4:15 p.m.5 views

CVE-2024-41333

A reflected cross-site scripting XSS vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter...

6.1CVSS6AI score0.00538EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.8 views

PT-2024-29361 · Unknown · Phpgurukul Tourism Management System

Name of the Vulnerable Software and Affected Versions: Phpgurukul Tourism Management System version 2.0 Description: A reflected cross-site scripting issue allows attackers to execute arbitrary code in the context of a user's browser by injecting a crafted payload into the uname parameter...

6.1CVSS7.2AI score0.00538EPSS
Exploits3References4
Packet Storm
Packet Storm
added 2024/08/02 12:0 a.m.472 views

Tourism Management System 2.0 Cross Site Scripting

Exploit Title: Tourism Management System v2.0 - Cross Site Scripting XSS Date: 13 July 2024 Exploit Author: Sampath kumar kadajari Vendor Homepage: https://phpgurukul.com/tourism-management-system-free-download/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=7204 Version:...

7.4AI score0.00538EPSS
Exploits3
NVD
NVD
added 2024/04/16 5:15 p.m.14 views

CVE-2024-32256

Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via /tms/admin/change-image.php. When updating a current package, there are no checks for what types of files are uploaded from the image...

8.1CVSS6.5AI score0.00726EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/04/16 12:0 a.m.5 views

PT-2024-24473

Name of the Vulnerable Software and Affected Versions Phpgurukul Tourism Management System version 2.0 Description The issue allows for Unrestricted Upload of File with Dangerous Type via the "/tms/admin/change-image.php" API endpoint. When updating a current package, there are no checks for what...

8.1CVSS5.4AI score0.00726EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/04/16 12:0 a.m.4 views

Phpgurukul Tourism Management System 安全漏洞

Tourism Management System is an American website builder for tourism management. A security vulnerability exists in Phpgurukul Tourism Management System version v2.0, which originates from a file upload vulnerability in /tms/admin/change-image.php...

8.1CVSS6.9AI score0.00726EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/04/16 12:0 a.m.7 views

PT-2024-24472 · Unknown · Phpgurukul Tourism Management System

Name of the Vulnerable Software and Affected Versions: Phpgurukul Tourism Management System version 2.0 Description: The issue concerns an unrestricted upload of files with dangerous types via the tms/admin/create-package.php endpoint. When creating a new package, there are no checks for the type...

8.8CVSS6.6AI score0.00758EPSS
Exploits1References6
NVD
NVD
added 2024/02/23 4:15 p.m.22 views

CVE-2024-1822

A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System 1.0. Affected is an unknown function of the file user-bookings.php. The manipulation of the argument Full Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

6.1CVSS3.4AI score0.00424EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/02/23 3:31 p.m.14 views

CVE-2024-1822 PHPGurukul Tourism Management System user-bookings.php cross site scripting

A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System 1.0. Affected is an unknown function of the file user-bookings.php. The manipulation of the argument Full Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

3.3CVSS6.4AI score0.00424EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/23 3:31 p.m.36 views

CVE-2024-1822 PHPGurukul Tourism Management System user-bookings.php cross site scripting

A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System 1.0. Affected is an unknown function of the file user-bookings.php. The manipulation of the argument Full Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

3.3CVSS3.9AI score0.00424EPSS
Exploits0References3
Rows per page
Query Builder