Travel Management System@1.0 Security Vulnerabilities and Issues — Travel Management System@1.0 CVE List

Lucene search

ProjectworldsTravel Management System1.0

6 matches found

CVE•added 2024/11/04 6:15 p.m.•48 views

CVE-2024-51326

SQL Injection vulnerability in projectworlds Travel management System v.1.0 allows a remote attacker to execute arbitrary code via the 't2' parameter in deletesubcategory.php.

7.5CVSS9AI score0.00196EPSS

CVE•added 2024/12/26 12:15 p.m.•45 views

CVE-2024-12950

A vulnerability was found in code-projects/projectworlds Travel Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /subcat.php. The manipulation of the argument catid leads to sql injection. The attack may be initiated remotely. The exploit ...

8.8CVSS7.3AI score0.00048EPSS

CVE•added 2024/11/04 6:15 p.m.•44 views

CVE-2024-51328

Cross Site Scripting vulnerability in addcategory.php in projectworld's Travel Management System v1.0 allows remote attacker to inject arbitrary code via the t2 parameter.

6.1CVSS7.1AI score0.00021EPSS

CVE•added 2024/11/04 6:15 p.m.•39 views

CVE-2024-51327

SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields.

9.8CVSS8.7AI score0.00119EPSS

CVE•added 2021/05/17 7:15 p.m.•31 views

CVE-2020-29205

XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field

6.1CVSS6.2AI score0.00477EPSS

CVE•added 2020/08/27 6:15 p.m.•30 views

CVE-2020-24203

Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution.

9.8CVSS9.9AI score0.05688EPSS