Sourcecodester Simple Responsive Tourism Website vulnerabilities

5 known vulnerabilities affecting sourcecodester/simple_responsive_tourism_website.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2026-3746MEDIUMCVSS 6.9v1.02026-03-08
CVE-2026-3746 [MEDIUM] CWE-74 CVE-2026-3746: A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of the component Login. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disc
cvelistv5nvd
CVE-2026-2848MEDIUMCVSS 6.9v1.02026-02-20
CVE-2026-2848 [MEDIUM] CWE-74 CVE-2026-2848: A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vuln A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component Registration. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been published and may
cvelistv5nvd
CVE-2026-2159MEDIUMCVSS 5.3v1.02026-02-08
CVE-2026-2159 [MEDIUM] CWE-79 CVE-2026-2159: A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected is an unknow A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected is an unknown function of the file /tourism/classes/Master.php?f=register of the component Registration. Executing a manipulation of the argument firstname/lastname/username can lead to cross site scripting. It is possible to launch the attack remotely. The exploit
cvelistv5nvd
CVE-2026-2160MEDIUMCVSS 5.3v1.02026-02-08
CVE-2026-2160 [MEDIUM] CWE-79 CVE-2026-2160: A vulnerability has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by A vulnerability has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Master.php?f=save_package. The manipulation of the argument Title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public
cvelistv5nvd
CVE-2023-1041MEDIUMCVSS 6.1v1.02023-02-26
CVE-2023-1041 [LOW] CWE-79 CVE-2023-1041: A vulnerability, which was classified as problematic, was found in SourceCodester Simple Responsive A vulnerability, which was classified as problematic, was found in SourceCodester Simple Responsive Tourism Website 1.0. This affects an unknown part of the file /tourism/rate_review.php. The manipulation of the argument id with the input 1">alert(1111) leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disc
cvelistv5nvd