CVE-2026-2159
published 2026-02-08CVE-2026-2159: A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected is an unknown function of the file…
low2.1CVSS 4.0
AVNACLATNPRNUIPVCNVILVANSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected is an unknown function of the file /tourism/classes/Master.php?f=register of the component Registration. Executing a manipulation of the argument firstname/lastname/username can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oretnom23 | simple_responsive_tourism_website | — | — |
| sourcecodester | simple_responsive_tourism_website | — | — |