Filtered by vendor Phpgurukul
Subscriptions
Filtered by product Tourism Management System
Subscriptions
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-1822 | 1 Phpgurukul | 1 Tourism Management System | 2024-12-06 | 2.4 Low |
A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System 1.0. Affected is an unknown function of the file user-bookings.php. The manipulation of the argument Full Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-254610 is the identifier assigned to this vulnerability. | ||||
CVE-2024-32254 | 1 Phpgurukul | 1 Tourism Management System | 2024-11-21 | 8.8 High |
Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via tms/admin/create-package.php. When creating a new package, there is no checks for what types of files are uploaded from the image. | ||||
CVE-2022-30930 | 1 Phpgurukul | 1 Tourism Management System | 2024-11-21 | 4.3 Medium |
Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF). | ||||
CVE-2020-28136 | 1 Phpgurukul | 1 Tourism Management System | 2024-11-21 | 8.8 High |
An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page. | ||||
CVE-2024-41333 | 1 Phpgurukul | 1 Tourism Management System | 2024-08-08 | 6.1 Medium |
A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter. |
Page 1 of 1.