14 matches found
CVE-2025-13247
A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The exploit has been...
EUVD-2025-197728
A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-13247
A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-13247
A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-13247 PHPGurukul Tourism Management System user-bookings.php sql injection
A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-13247 PHPGurukul Tourism Management System user-bookings.php sql injection
A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid results in sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-13247
CVE-2025-13247 affects PHPGurukul Tourism Management System 1.0. The vulnerability is an SQL injection in an unknown function of the file /admin/user-bookings.php, caused by manipulation of the uid argument. It can be exploited remotely, and an exploit has been publicly released. Remediation guid...
PHPGurukul Tourism Management System SQL注入漏洞
PHPGurukul Tourism Management System is a website builder for tourism management from PHPGurukul. A SQL injection vulnerability exists in version 1.0 of the PHPGurukul Tourism Management System, which originates from an incorrect manipulation of the parameter uid in the file...
PT-2025-47082
Name of the Vulnerable Software and Affected Versions PHPGurukul Tourism Management System version 1.0 Description A security flaw exists in PHPGurukul Tourism Management System 1.0. The issue is related to SQL injection within an unknown function of the file /admin/user-bookings.php. Manipulatio...
CVE-2024-1822
A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System 1.0. Affected is an unknown function of the file user-bookings.php. The manipulation of the argument Full Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit...
Tourism Management System 2.0 Cross Site Scripting
Exploit Title: Tourism Management System v2.0 - Cross Site Scripting XSS Date: 13 July 2024 Exploit Author: Sampath kumar kadajari Vendor Homepage: https://phpgurukul.com/tourism-management-system-free-download/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=7204 Version:...
CVE-2024-1822
A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System 1.0. Affected is an unknown function of the file user-bookings.php. The manipulation of the argument Full Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit...
Tourism Management System Cross-Site Scripting Vulnerability
Tourism Management System is an American website builder for tourism management. A cross-site scripting vulnerability exists in Tourism Management System version 1.0, which stems from the parameter Full Name in the file user-bookings.php that causes cross-site scripting...
CVE-2023-1129
The WP FEvents Book WordPress plugin through 0.46 does not ensures that bookings to be updated belong to the user making the request, allowing any authenticated user to book, add notes, or cancel booking on behalf of other users...