Filtered by vendor Itsourcecode
Subscriptions
Total
108 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-9153 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-21 | 6.3 Medium |
| A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2025-9154 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-21 | 7.3 High |
| A flaw has been found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /user/page-login.php. This manipulation of the argument email causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. | ||||
| CVE-2025-9155 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-21 | 7.3 High |
| A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forget_password.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9156 | 2 Angeljudesuarez, Itsourcecode | 2 Sports Management System, Sports Management System | 2025-08-21 | 7.3 High |
| A vulnerability was found in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/sports.php. Performing manipulation of the argument code results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used. | ||||
| CVE-2025-9009 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/email_setup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8967 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8966 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/tax.php. The manipulation of the argument tname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8993 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expense_report.php. The manipulation of the argument from_date leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9008 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/sms_setting.php. The manipulation of the argument uname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9010 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/booking_report.php. The manipulation of the argument from_date leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8984 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expense_category.php. The manipulation of the argument expense_name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8983 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expense_for leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8982 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument curr_code leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8981 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument payment_type leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8972 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8971 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8970 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/booking.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8969 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/approve_user.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8968 | 2 Itsourcecode, Mayurik | 2 Online Tour And Travel Management System, Online Tour \& Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapprove_user.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8172 | 2 Clivedelacruz, Itsourcecode | 2 Employee Management System, Employee Management System | 2025-08-07 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||