Lucene search
+L

7 matches found

NVD
NVD
added 2025/08/19 8:15 p.m.10 views

CVE-2025-9155

A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forgetpassword.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to...

9.8CVSS0.00384EPSS
Exploits1References5
NVD
NVD
added 2025/08/14 8:15 p.m.5 views

CVE-2025-8981

A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument paymenttype leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS0.00421EPSS
Exploits1References5
CVE
CVE
added 2025/08/14 5:32 p.m.26 views

CVE-2025-8972

CVE-2025-8972 affects itsourcecode Online Tour and Travel Management System 1.0. A SQL injection exists in /admin/page-login.php due to improper handling of the email parameter, enabling remote exploitation without authentication. Public disclosure of the exploit is noted. Impact is described acr...

9.8CVSS7.6AI score0.00421EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/14 4:32 p.m.4 views

CVE-2025-8969 itsourcecode Online Tour and Travel Management System approve_user.php sql injection

A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/approveuser.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has be...

7.5CVSS7.6AI score0.00421EPSS
Exploits1References5
NVD
NVD
added 2025/08/14 4:15 p.m.7 views

CVE-2025-8967

A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...

9.8CVSS0.00421EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.7 views

PT-2025-33342 · Itsourcecode · Itsourcecode Online Tour/Travel Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A vulnerability was identified in an unknown functionality of the file /admin/disapprove user.php. The manipulation of the argument ID leads to SQL injection. The...

9.8CVSS7.6AI score0.00421EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/05/22 11:37 p.m.5 views

CVE-2022-40093

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/updatetax.php...

7.2CVSS7.7AI score0.00863EPSS
Exploits1References1
Rows per page
Query Builder