cbcvebase.

Sourcecodester Online Tours Travels Management System vulnerabilities

24 known vulnerabilities affecting sourcecodester/online_tours_travels_management_system.

Total CVEs
24
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL12HIGH5MEDIUM7

Vulnerabilities

Page 2 of 2
CVE-2023-0532MEDIUMCVSS 4.7v1.02023-01-27
CVE-2023-0532 [MEDIUM] CWE-89 CVE-2023-0532: A vulnerability classified as critical was found in SourceCodester Online Tours & Travels Management A vulnerability classified as critical was found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/disapprove_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public a
nvd
CVE-2023-0515HIGHCVSS 7.2v1.02023-01-26
CVE-2023-0515 [HIGH] CWE-89 CVE-2023-0515: A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classif A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/forget_password.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. The exploit has been disclosed to the public and may be use
nvd
CVE-2023-0516HIGHCVSS 7.2v1.02023-01-26
CVE-2023-0516 [HIGH] CWE-89 CVE-2023-0516: A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has bee A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file user/forget_password.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. The exploit has been disclosed to the public and may be used.
nvd
CVE-2023-0324CRITICALCVSS 9.8v1.02023-01-16
CVE-2023-0324 [CRITICAL] CWE-89 CVE-2023-0324: A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classif A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and
nvd
← Previous2 / 2