Code-Projects Tourism Management System vulnerabilities

CVE-2025-4889 [MEDIUM] CWE-119 CVE-2025-4889: A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as crit A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation of the argument username/password leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to th

CVE-2025-4890 [MEDIUM] CWE-119 CVE-2025-4890: A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be

CVE-2025-0538 [MEDIUM] CWE-79 CVE-2025-0538: A vulnerability, which was classified as problematic, was found in code-projects Tourism Management A vulnerability, which was classified as problematic, was found in code-projects Tourism Management System 1.0. Affected is an unknown function of the file /admin/manage-pages.php. The manipulation of the argument pgedetails leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may