9 matches found
EUVD-2025-25207
Malicious code in bioql PyPI...
EUVD-2025-24869
Malicious code in bioql PyPI...
CVE-2025-9153
A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit ...
CVE-2025-9153 itsourcecode Online Tour and Travel Management System travellers.php unrestricted upload
A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit ...
CVE-2025-9153
CVE-2025-9153 affects the itsourcecode Online Tour and Travel Management System v1.0. The vulnerability is in the file /admin/operations/travellers.php where the photo parameter can be manipulated to achieve an unrestricted file upload. This is described as a remote, publicly exploitable issue. M...
PT-2025-33846 · Itsourcecode · Itsourcecode Online Tour/Travel Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A vulnerability exists in itsourcecode Online Tour and Travel Management System that allows for unrestricted file upload. The issue affects unknown code within the...
CVE-2025-8971 itsourcecode Online Tour and Travel Management System travellers.php sql injection
A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploi...
PT-2024-31896 · Unknown · Sourcecodester Online Tours & Travels Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tours and Travels Management System version 1.0 Description: The issue is related to Cross Site Scripting XSS that can be triggered by sending a crafted payload to specific parameters in the travellers.php file. The...
CVE-2022-43061
Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /operations/travellers.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...