Tourism Management System Security Vulnerabilities and Issues — Tourism Management System CVE List

Lucene search

PhpgurukulTourism Management System

4 matches found

CVE•added 2024/02/23 4:15 p.m.•84 views

CVE-2024-1822

A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System 1.0. Affected is an unknown function of the file user-bookings.php. The manipulation of the argument Full Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit ha...

6.1CVSS3.8AI score0.00052EPSS

CVE•added 2024/04/16 5:15 p.m.•48 views

CVE-2024-32256

Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via /tms/admin/change-image.php. When updating a current package, there are no checks for what types of files are uploaded from the image.

8.1CVSS6.8AI score0.00221EPSS

CVE•added 2024/04/16 5:15 p.m.•45 views

CVE-2024-32254

Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via tms/admin/create-package.php. When creating a new package, there is no checks for what types of files are uploaded from the image.

8.8CVSS6.8AI score0.0023EPSS

CVE•added 2024/08/06 4:15 p.m.•41 views

CVE-2024-41333

A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter.

6.1CVSS6.2AI score0.00047EPSS