Travel Management Project Security Vulnerabilities

CVE-2022-39054

Cowell enterprise travel management system has insufficient filtering for special characters within web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS (Reflected Cross-Site Scripting)...

CVE-2022-30842

Covid-19 Travel Pass Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ctpms/classes/Users.php?f=save,...

CVE-2022-30838

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via...

CVE-2022-30054

In Covid 19 Travel Pass Management 1.0, the code parameter is vulnerable to SQL injection...

CVE-2022-30412

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via...

CVE-2022-30411

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via...

CVE-2022-30414

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via...

CVE-2022-30413

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via...

CVE-2022-30417

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via...

CVE-2022-30415

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via...

CVE-2022-30408

Covid-19 Travel Pass Management System v1.0 is vulnerable to file deletion via...

CVE-2021-25208

Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to...

CVE-2021-25213

SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the catid parameter to...

CVE-2019-15773

The nd-travel plugin before 1.7 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl...