VYPR

Online Tour \& Travel Management System

by Mayurik

CVEs (55)

  • CVE-2023-0530Jan 27, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/approve_user.php. The manipulation of the argument id leads to sql injection. The attack may be…

  • CVE-2023-0529Jan 27, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/add_payment.php. The manipulation of the argument id leads to sql injection. The attack can be…

  • CVE-2023-0528Jan 27, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. This affects an unknown part of the file admin/abc.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack…

  • CVE-2023-0516Jan 26, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file user/forget_password.php of the component Parameter Handler. The manipulation of the argument email leads to…

  • CVE-2023-0515Jan 26, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/forget_password.php of the component Parameter Handler. The manipulation of the argument email leads…

  • CVE-2023-0324Jan 16, 2023
    risk 0.00cvss epss 0.19

    A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack…

  • CVE-2022-43050Nov 7, 2022
    risk 0.00cvss epss 0.01

    Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component update_profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

  • CVE-2022-42142Oct 17, 2022
    risk 0.00cvss epss 0.01

    Online Tours & Travels Management System v1.0 is vulnerable to Arbitrary code execution via ip/tour/admin/operations/update_settings.php.

  • CVE-2022-41416Oct 14, 2022
    risk 0.00cvss epss 0.01

    Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /user/update_booking.php.

  • CVE-2022-40353Sep 27, 2022
    risk 0.00cvss epss 0.01

    Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/up_booking.php.

  • CVE-2022-40352Sep 27, 2022
    risk 0.00cvss epss 0.01

    Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_traveller.php.

  • CVE-2022-40099Sep 26, 2022
    risk 0.00cvss epss 0.01

    Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense_category.php.

  • CVE-2022-40093Sep 23, 2022
    risk 0.00cvss epss 0.01

    Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_tax.php.

  • CVE-2022-40092Sep 23, 2022
    risk 0.00cvss epss 0.01

    Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_payment.php.

  • CVE-2022-40091Sep 23, 2022
    risk 0.00cvss epss 0.01

    Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_packages.php.

Page 3 of 3