Skip to main content

Online Tours Travels Management System

35 CVEs product

Monthly

CVE-2024-48411 CRITICAL POC Act Now

itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection (SQLI) via a crafted payload to the val-email parameter in forget_password.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-6471 MEDIUM POC This Month

A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-2168 HIGH POC This Week

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD VulDB
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-0884 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-0883 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-0735 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-6765 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-4866 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-2619 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-1590 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1589 CRITICAL POC Act Now

A vulnerability has been found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1396 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Online Tours Travels Management System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-1391 CRITICAL Act Now

A vulnerability, which was classified as problematic, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload PHP Online Tours Travels Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-0570 CRITICAL Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-0561 HIGH POC This Week

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-0560 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.7%
CVE-2023-0534 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.6%
CVE-2023-0533 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.6%
CVE-2023-0532 MEDIUM POC This Month

A vulnerability classified as critical was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.6%
CVE-2023-0531 MEDIUM POC This Month

A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.6%
CVE-2023-0530 CRITICAL Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-0529 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.6%
CVE-2023-0528 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.6%
CVE-2023-0516 HIGH POC This Week

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
1.0%
CVE-2023-0515 HIGH POC This Week

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical.php of the component Parameter Handler. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
1.0%
CVE-2023-0324 CRITICAL POC THREAT Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
18.8%
CVE-2022-44401 CRITICAL POC Act Now

Online Tours & Travels Management System v1.0 contains an arbitrary file upload vulnerability via /tour/admin/file.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Online Tours Travels Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-43061 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /operations/travellers.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload Online Tours Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-41537 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /user_operations/profile.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload Online Tours Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.1%
CVE-2022-41416 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /user/update_booking.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2022-40354 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_booking.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-40353 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/up_booking.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-40352 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_traveller.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2022-40099 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense_category.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-40098 HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.8%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection (SQLI) via a crafted payload to the val-email parameter in forget_password.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 7.2
HIGH POC This Week

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability has been found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

A vulnerability, which was classified as problematic, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload PHP Online Tours Travels Management System
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 1% CVSS 7.2
HIGH POC This Week

A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 1% CVSS 4.7
MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 1% CVSS 4.7
MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 1% CVSS 4.7
MEDIUM POC This Month

A vulnerability classified as critical was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 1% CVSS 4.7
MEDIUM POC This Month

A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 1% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 1% CVSS 6.3
MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 1% CVSS 7.2
HIGH POC This Week

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 1% CVSS 7.2
HIGH POC This Week

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical.php of the component Parameter Handler. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 19% CVSS 9.8
CRITICAL POC THREAT Act Now

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Online Tours & Travels Management System v1.0 contains an arbitrary file upload vulnerability via /tour/admin/file.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Online Tours Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /operations/travellers.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload +1
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /user_operations/profile.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload +1
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /user/update_booking.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_booking.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/up_booking.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_traveller.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense_category.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy