7 matches found
CVE-2025-9155
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forgetpassword.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to...
CVE-2025-8981
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument paymenttype leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-8972
CVE-2025-8972 affects itsourcecode Online Tour and Travel Management System 1.0. A SQL injection exists in /admin/page-login.php due to improper handling of the email parameter, enabling remote exploitation without authentication. Public disclosure of the exploit is noted. Impact is described acr...
CVE-2025-8969 itsourcecode Online Tour and Travel Management System approve_user.php sql injection
A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/approveuser.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has be...
CVE-2025-8967
A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...
PT-2025-33342 · Itsourcecode · Itsourcecode Online Tour/Travel Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A vulnerability was identified in an unknown functionality of the file /admin/disapprove user.php. The manipulation of the argument ID leads to SQL injection. The...
CVE-2022-40093
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/updatetax.php...