CVE-2025-9153

A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit ...

CVE-2025-8971 itsourcecode Online Tour and Travel Management System travellers.php sql injection

A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploi...

CVE-2024-46077

itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to Cross Site Scripting XSS via a crafted payload to the val-username, val-email, val-suggestions, val-digits and statename parameters in travellers.php...

CVE-2024-46077

itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to Cross Site Scripting XSS via a crafted payload to the val-username, val-email, val-suggestions, val-digits and statename parameters in travellers.php...

Online Tours & Travels Management System 代码问题漏洞

Online Tours & Travels Management System is an online travel management system by Mayuri K. Individual developer. A security vulnerability exists in Online Tours & Travels Management System v1.0, which originates from an arbitrary file upload vulnerability contained in the component...