Lucene search
K

31 matches found

ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-14756

A vulnerability was found in code-projects Hotel and Tourism Reservation 1.0. Affected by this issue is some unknown functionality of the file /admin/addtour.php of the component Tour Management Page. The manipulation of the argument deleteimage results in sql injection. The attack may be launche...

7.5CVSS6.7AI score0.00269EPSS
Exploits0References6Affected Software1
CVE
CVE
added 3 days ago12 views

CVE-2026-14756

The CVE-2026-14756 entry concerns code-projects Hotel and Tourism Reservation 1.0. It identifies a vulnerability in /admin/add_tour.php where manipulating the delete_image argument enables SQL injection, with remote exploitation and a publicly available exploit. The issue affects the Tour Managem...

7.5CVSS6.7AI score0.00269EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-18131

Malware in sbrugna...

5.4CVSS5.5AI score0.00594EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.4 views

PT-2025-34719 · Itsourcecode · Itsourcecode Online Tour/Travel Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A weakness exists in itsourcecode Online Tour and Travel Management System 1.0, affecting an unknown part of the file /package.php. Manipulation of the subcatid...

7.5CVSS7.4AI score0.00387EPSS
Exploits1References9
NVD
NVD
added 2025/08/19 8:15 p.m.8 views

CVE-2025-9155

A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forgetpassword.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to...

9.8CVSS0.00384EPSS
Exploits1References5
OSV
OSV
added 2025/08/19 7:15 p.m.5 views

CVE-2025-9153

A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit ...

8.8CVSS5.7AI score
Exploits0References5
CNNVD
CNNVD
added 2025/08/19 12:0 a.m.4 views

itsourcecode Online Tour and Travel Management System 安全漏洞

itsourcecode Online Tour and Travel Management System is a itsourcecode open source online tour and travel management system. A security vulnerability exists in version 1.0 of itsourcecode Online Tour and Travel Management System, which is caused by a misuse of the parameter photo in the file...

8.8CVSS6.8AI score0.00402EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/08/19 12:0 a.m.5 views

PT-2025-33846 · Itsourcecode · Itsourcecode Online Tour/Travel Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A vulnerability exists in itsourcecode Online Tour and Travel Management System that allows for unrestricted file upload. The issue affects unknown code within the...

8.8CVSS7.1AI score0.00402EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/08/17 1:32 a.m.12 views

CVE-2025-8993

A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...

9.8CVSS7.7AI score0.00387EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/16 8:14 p.m.10 views

CVE-2025-8981

A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument paymenttype leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS7.7AI score0.00387EPSS
Exploits1References1
OSV
OSV
added 2025/08/15 2:15 a.m.4 views

CVE-2025-8993

A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...

9.8CVSS5.7AI score0.00387EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/08/15 1:5 a.m.5 views

CVE-2025-8993 itsourcecode Online Tour and Travel Management System expense_report.php sql injection

A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...

7.5CVSS7.6AI score0.00387EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.4 views

itsourcecode Online Tour and Travel Management System 注入漏洞

itsourcecode Online Tour and Travel Management System is itsourcecode open source an online tour and travel management system . An injection vulnerability exists in version 1.0 of itsourcecode Online Tour and Travel Management System, which is caused by incorrect manipulation of the parameter una...

9.8CVSS7.8AI score0.00387EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.5 views

itsourcecode Online Tour and Travel Management System 安全漏洞

itsourcecode Online Tour and Travel Management System is a itsourcecode open source online tour and travel management system. A security vulnerability exists in itsourcecode Online Tour and Travel Management System version 1.0, which is caused by a SQL injection due to incorrect manipulation of t...

9.8CVSS7.7AI score0.00387EPSS
Exploits1References7
NVD
NVD
added 2025/08/14 10:15 p.m.7 views

CVE-2025-8984

A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expensecategory.php. The manipulation of the argument expensename leads to sql injection. It is possible to launch the attack remotely. The...

9.8CVSS0.00387EPSS
Exploits1References5
OSV
OSV
added 2025/08/14 9:15 p.m.4 views

CVE-2025-8983

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expensefor leads to sql injection. The attack may be initiated remotely. The exploit...

9.8CVSS5.8AI score0.00387EPSS
Exploits1References5
NVD
NVD
added 2025/08/14 8:15 p.m.5 views

CVE-2025-8981

A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument paymenttype leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS0.00387EPSS
Exploits1References5
OSV
OSV
added 2025/08/14 6:15 p.m.4 views

CVE-2025-8972

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8CVSS5.8AI score0.00387EPSS
Exploits1References5
CVE
CVE
added 2025/08/14 5:32 p.m.24 views

CVE-2025-8972

CVE-2025-8972 affects itsourcecode Online Tour and Travel Management System 1.0. A SQL injection exists in /admin/page-login.php due to improper handling of the email parameter, enabling remote exploitation without authentication. Public disclosure of the exploit is noted. Impact is described acr...

9.8CVSS7.6AI score0.00387EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/08/14 5:15 p.m.4 views

CVE-2025-8968

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapproveuser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The explo...

9.8CVSS5.8AI score0.00387EPSS
Exploits1References5
Rows per page
Query Builder