31 matches found
CVE-2026-14756
A vulnerability was found in code-projects Hotel and Tourism Reservation 1.0. Affected by this issue is some unknown functionality of the file /admin/addtour.php of the component Tour Management Page. The manipulation of the argument deleteimage results in sql injection. The attack may be launche...
CVE-2026-14756
The CVE-2026-14756 entry concerns code-projects Hotel and Tourism Reservation 1.0. It identifies a vulnerability in /admin/add_tour.php where manipulating the delete_image argument enables SQL injection, with remote exploitation and a publicly available exploit. The issue affects the Tour Managem...
EUVD-2020-18131
Malware in sbrugna...
PT-2025-34719 · Itsourcecode · Itsourcecode Online Tour/Travel Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A weakness exists in itsourcecode Online Tour and Travel Management System 1.0, affecting an unknown part of the file /package.php. Manipulation of the subcatid...
CVE-2025-9155
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forgetpassword.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to...
CVE-2025-9153
A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit ...
itsourcecode Online Tour and Travel Management System 安全漏洞
itsourcecode Online Tour and Travel Management System is a itsourcecode open source online tour and travel management system. A security vulnerability exists in version 1.0 of itsourcecode Online Tour and Travel Management System, which is caused by a misuse of the parameter photo in the file...
PT-2025-33846 · Itsourcecode · Itsourcecode Online Tour/Travel Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A vulnerability exists in itsourcecode Online Tour and Travel Management System that allows for unrestricted file upload. The issue affects unknown code within the...
CVE-2025-8993
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...
CVE-2025-8981
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument paymenttype leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8993
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...
CVE-2025-8993 itsourcecode Online Tour and Travel Management System expense_report.php sql injection
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...
itsourcecode Online Tour and Travel Management System 注入漏洞
itsourcecode Online Tour and Travel Management System is itsourcecode open source an online tour and travel management system . An injection vulnerability exists in version 1.0 of itsourcecode Online Tour and Travel Management System, which is caused by incorrect manipulation of the parameter una...
itsourcecode Online Tour and Travel Management System 安全漏洞
itsourcecode Online Tour and Travel Management System is a itsourcecode open source online tour and travel management system. A security vulnerability exists in itsourcecode Online Tour and Travel Management System version 1.0, which is caused by a SQL injection due to incorrect manipulation of t...
CVE-2025-8984
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expensecategory.php. The manipulation of the argument expensename leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2025-8983
A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expensefor leads to sql injection. The attack may be initiated remotely. The exploit...
CVE-2025-8981
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument paymenttype leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8972
A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-8972
CVE-2025-8972 affects itsourcecode Online Tour and Travel Management System 1.0. A SQL injection exists in /admin/page-login.php due to improper handling of the email parameter, enabling remote exploitation without authentication. Public disclosure of the exploit is noted. Impact is described acr...
CVE-2025-8968
A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapproveuser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The explo...