VYPR

Travel Management System

by Sourcecodester

CVEs (2)

  • CVE-2021-25208CriJul 23, 2021
    risk 0.64cvss 9.8epss 0.02

    Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php.

  • CVE-2021-25213CriJul 22, 2021
    risk 0.64cvss 9.8epss 0.01

    SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the catid parameter to subcat.php.