CVE-2022-35421

Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the pname parameter at /admin/operations/packages.php...

EUVD-2023-23647

Malicious code in bioql PyPI...

EUVD-2022-43410

Malicious code in bioql PyPI...

EUVD-2022-43643

Malicious code in bioql PyPI...

EUVD-2022-43416

Malicious code in bioql PyPI...

EUVD-2022-43418

Malicious code in bioql PyPI...

EUVD-2022-43412

Malicious code in bioql PyPI...

EUVD-2022-36058

Malicious code in bioql PyPI...

EUVD-2023-12561

Malicious code in bioql PyPI...

EUVD-2023-12574

Malicious code in bioql PyPI...

EUVD-2023-12579

Malicious code in bioql PyPI...

EUVD-2023-12611

Malicious code in bioql PyPI...

EUVD-2022-38309

Malicious code in bioql PyPI...

CVE-2025-11103

CVE-2025-11103 affects Projectworlds Online Tours and Travels 1.0. The vulnerability is in the /admin/change-image.php file, where manipulating the packageimage argument leads to unrestricted file uploads. Attacks may be initiated remotely, and the exploit has been publicly disclosed. Several sou...

CVE-2024-0883

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been declared as critical. This vulnerability affects the function prepare of the file admin/pay.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely...

CVE-2024-0884

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function exec of the file payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2024-48411

itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection SQLI via a crafted payload to the val-email parameter in forgetpassword.php...

CVE-2024-10920

A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Affected by this issue is the function doFilterInternal of the file travels-java-api-master\src\main\java\io\github\mariazevedo88\travelsjavaapi\filters\JwtAuthenticationTokenFilter.java of the...

CVE-2023-0560

A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0. This issue affects some unknown processing of the file admin/practicepdf.php. The manipulation of the argument id leads to sql injection. The attack may be initiated...

CVE-2023-0532

A vulnerability classified as critical was found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/disapproveuser.php. The manipulation of the argument id leads to sql injection. The attack can be launched...