2 matches found
CVE-2026-2159
SourceCodester Simple Responsive Tourism Website 1.0 contains a cross-site scripting flaw in the Registration module. Affected area is an unknown function in /tourism/classes/Master.php?f=register where manipulating firstname/lastname/username can trigger XSS. Exploit published; attack is remote ...
PT-2023-16710 · Sourcecodester · Sourcecodester Simple Responsive Tourism Website
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Responsive Tourism Website version 1.0 Description: A problematic issue was found in the software, affecting the /tourism/rate review.php file. The manipulation of the id argument with malicious input, such as 1"alert111...