Skip to main content

Online Tours And Travels Management System

9 CVEs product

Monthly

CVE-2024-46077 MEDIUM This Month

itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload to the val-username, val-email, val-suggestions, val-digits and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Online Tours And Travels Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2022-43050 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component update_profile.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload Online Tours And Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-42142 HIGH POC This Week

Online Tours & Travels Management System v1.0 is vulnerable to Arbitrary code execution via ip/tour/admin/operations/update_settings.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Online Tours And Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-40097 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_currency.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-40093 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_tax.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-40092 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_payment.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-40091 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_packages.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-35421 HIGH POC This Week

Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the pname parameter at /admin/operations/packages.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-32992 HIGH POC This Week

Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the tname parameter at /admin/operations/tax.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD
CVSS 3.1
7.2
EPSS
0.9%
EPSS 0% CVSS 5.4
MEDIUM This Month

itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload to the val-username, val-email, val-suggestions, val-digits and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Online Tours And Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component update_profile.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload +1
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 is vulnerable to Arbitrary code execution via ip/tour/admin/operations/update_settings.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Online Tours And Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_currency.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_tax.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_payment.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_packages.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the pname parameter at /admin/operations/packages.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the tname parameter at /admin/operations/tax.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy