11 matches found
EUVD-2023-34090
Malicious code in bioql PyPI...
CVE-2022-40353
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/upbooking.php...
CVE-2022-43061
Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /operations/travellers.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-40099
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/updateexpensecategory.php...
CVE-2023-0515
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/forgetpassword.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. T...
CVE-2022-44401
Online Tours & Travels Management System v1.0 contains an arbitrary file upload vulnerability via /tour/admin/file.php...
CVE-2022-41537
Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /useroperations/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-42142
Online Tours & Travels Management System v1.0 is vulnerable to Arbitrary code execution via ip/tour/admin/operations/updatesettings.php...
CVE-2022-40091
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/updatepackages.php...
PT-2022-25198 · Unknown · Online Tours & Travels Management System
Name of the Vulnerable Software and Affected Versions: Online Tours & Travels Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/tour/admin/update tax.php" API endpoint. Recommendation...
PT-2022-25197 · Unknown · Online Tours & Travels Management System
Name of the Vulnerable Software and Affected Versions: Online Tours & Travels Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/tour/admin/update payment.php" API endpoint...