Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Online_tours_and_travels_management_system
(Online_tours_and_travels_management_system_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 8 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-11-07 | CVE-2022-43050 | Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component update_profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | Online_tours_and_travels_management_system | 7.2 | ||
| 2022-10-17 | CVE-2022-42142 | Online Tours & Travels Management System v1.0 is vulnerable to Arbitrary code execution via ip/tour/admin/operations/update_settings.php. | Online_tours_and_travels_management_system | 7.2 | ||
| 2022-09-26 | CVE-2022-40097 | Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_currency.php. | Online_tours_and_travels_management_system | 7.2 | ||
| 2022-09-23 | CVE-2022-40091 | Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_packages.php. | Online_tours_and_travels_management_system | 7.2 | ||
| 2022-09-23 | CVE-2022-40092 | Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_payment.php. | Online_tours_and_travels_management_system | 7.2 | ||
| 2022-09-23 | CVE-2022-40093 | Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_tax.php. | Online_tours_and_travels_management_system | 7.2 | ||
| 2022-08-02 | CVE-2022-35421 | Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the pname parameter at /admin/operations/packages.php. | Online_tours_and_travels_management_system | 7.2 | ||
| 2022-06-15 | CVE-2022-32992 | Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the tname parameter at /admin/operations/tax.php. | Online_tours_and_travels_management_system | 7.2 |