5 matches found
CVE-2023-1041
The CVE-2023-1041 entry affects SourceCodester Simple Responsive Tourism Website 1.0, specifically the file /tourism/rate_review.php. The vulnerability arises from improper handling of the id parameter; a crafted input like 1"> enables cross-site scripting (XSS). Exploitation is possible remot...
CVE-2026-2848
CVE-2026-2848 affects SourceCodester Simple Responsive Tourism Website 1.0 . The vulnerability lies in an unknown functionality of the file /classes/Master.php?f=register during registration, where manipulating the Username argument allows SQL injection. The issue can be exploited remotely, and a...
CVE-2026-2160
The CVE-2026-2160 entry affects SourceCodester Simple Responsive Tourism Website 1.0. Affected component: /tourism/classes/Master.php?f=save_package. The vulnerability arises from manipulating the Title parameter, enabling cross-site scripting. Exploitation can be performed remotely and public ex...
CVE-2026-2159
SourceCodester Simple Responsive Tourism Website 1.0 contains a cross-site scripting flaw in the Registration module. Affected area is an unknown function in /tourism/classes/Master.php?f=register where manipulating firstname/lastname/username can trigger XSS. Exploit published; attack is remote ...
CVE-2026-3746
Consolidated details across multiple sources identify CVE-2026-3746 as a SQL injection in SourceCodester Simple Responsive Tourism Website 1.0, affecting the Login component’s file /tourism/classes/Login.php?f=login. The bug arises from manipulating the Username argument, enabling remote exploita...