VYPR

Online Tour \& Travel Management System

by Mayurik

CVEs (55)

  • CVE-2025-9426HigAug 25, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /package.php. Executing manipulation of the argument subcatid can lead to sql injection. The attack may be performed from a remote location. The…

  • CVE-2025-9425HigAug 25, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /enquiry.php. Performing manipulation of the argument pid results in sql injection. The attack is possible to be…

  • CVE-2025-9155HigAug 19, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forget_password.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit…

  • CVE-2025-9154HigAug 19, 2025
    risk 0.47cvss 7.3epss 0.01

    A flaw has been found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /user/page-login.php. This manipulation of the argument email causes sql injection. The attack may be initiated remotely. The exploit has…

  • CVE-2025-9010HigAug 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/booking_report.php. The manipulation of the argument from_date leads to sql injection. The attack can be launched…

  • CVE-2025-9009HigAug 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/email_setup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2025-9008HigAug 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/sms_setting.php. The manipulation of the argument uname leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2025-8993HigAug 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expense_report.php. The manipulation of the argument from_date leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2025-8984HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expense_category.php. The manipulation of the argument expense_name leads to sql injection. It is possible to launch the…

  • CVE-2025-8983HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expense_for leads to sql injection. The attack may be initiated…

  • CVE-2025-8982HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument curr_code leads to sql injection. The attack can be initiated…

  • CVE-2025-8981HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument payment_type leads to sql injection. It is possible to initiate the attack remotely.…

  • CVE-2025-8972HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2025-8971HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated…

  • CVE-2025-8970HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/booking.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2025-8969HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/approve_user.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely.…

  • CVE-2025-8968HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapprove_user.php. The manipulation of the argument ID leads to sql injection. The attack can be launched…

  • CVE-2025-8967HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. It is possible to launch the attack remotely.…

  • CVE-2025-8966HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/tax.php. The manipulation of the argument tname leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2025-9153MedAug 19, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched…

Page 1 of 3