8 matches found
CVE-2026-10290
The vulnerability CVE-2026-10290 affects code-projects Hotel and Tourism Reservation System 1.0, specifically the GET Parameter Handler’s tour.php. The issue arises from an unspecified function allowing manipulation of the tour argument, leading to SQL injection. Remote exploitation is possible a...
PT-2025-47082
Name of the Vulnerable Software and Affected Versions PHPGurukul Tourism Management System version 1.0 Description A security flaw exists in PHPGurukul Tourism Management System 1.0. The issue is related to SQL injection within an unknown function of the file /admin/user-bookings.php. Manipulatio...
Online Tourism Management System 1.0 Insecure Settings
======================================================================================================================================================== | Title : online tourism management system 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser...
CVE-2024-41333
A reflected cross-site scripting XSS vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter...
CVE-2024-32256
Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via /tms/admin/change-image.php. When updating a current package, there are no checks for what types of files are uploaded from the image...
PT-2024-24472 · Unknown · Phpgurukul Tourism Management System
Name of the Vulnerable Software and Affected Versions: Phpgurukul Tourism Management System version 2.0 Description: The issue concerns an unrestricted upload of files with dangerous types via the tms/admin/create-package.php endpoint. When creating a new package, there are no checks for the type...
SQL Injection Vulnerability in CMS Frontend
Situ CMS is the short name of Situ Tourism Website Management System, which is a self-developed website management system applicable to the construction of tourism websites. A SQL injection vulnerability exists in the frontend of SITO CMS. An attacker can exploit the vulnerability to obtain...
SQL Injection Vulnerability in Aja***.ashx, an Intelligent Tourism System of iSoftStone Macau Ltd.
iSoftStone Macau is mainly engaged in software design and development, information technology services. SQL injection vulnerability exists in Aja.ashx, the intelligent tourism system of iSoftStone Macau, which can be exploited by attackers to obtain sensitive information from the database...