Vulnerabilities > Online Tours AND Travels Management System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-07 | CVE-2022-43050 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Tours and Travels Management System Project Online Tours and Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component update_profile.php. | 7.2 |
| 2022-10-17 | CVE-2022-42142 | Unspecified vulnerability in Online Tours and Travels Management System Project Online Tours and Travels Management System 1.0 Online Tours & Travels Management System v1.0 is vulnerable to Arbitrary code execution via ip/tour/admin/operations/update_settings.php. | 7.2 |
| 2022-09-26 | CVE-2022-40097 | SQL Injection vulnerability in Online Tours and Travels Management System Project Online Tours and Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_currency.php. | 7.2 |
| 2022-09-23 | CVE-2022-40091 | SQL Injection vulnerability in Online Tours and Travels Management System Project Online Tours and Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_packages.php. | 7.2 |
| 2022-09-23 | CVE-2022-40092 | SQL Injection vulnerability in Online Tours and Travels Management System Project Online Tours and Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_payment.php. | 7.2 |
| 2022-09-23 | CVE-2022-40093 | SQL Injection vulnerability in Online Tours and Travels Management System Project Online Tours and Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_tax.php. | 7.2 |
| 2022-08-02 | CVE-2022-35421 | SQL Injection vulnerability in Online Tours and Travels Management System Project Online Tours and Travels Management System 1.0 Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the pname parameter at /admin/operations/packages.php. | 7.2 |
| 2022-06-15 | CVE-2022-32992 | SQL Injection vulnerability in Online Tours and Travels Management System Project Online Tours and Travels Management System 1.0 Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the tname parameter at /admin/operations/tax.php. | 7.2 |