Vulnerabilities > Online Tours Travels Management System Project > Online Tours Travels Management System
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-03 | CVE-2022-43061 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /operations/travellers.php. | 7.2 |
| 2022-10-18 | CVE-2022-41537 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /user_operations/profile.php. | 7.2 |
| 2022-10-14 | CVE-2022-41416 | SQL Injection vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /user/update_booking.php. | 7.2 |
| 2022-09-27 | CVE-2022-40352 | SQL Injection vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_traveller.php. | 7.2 |
| 2022-09-27 | CVE-2022-40353 | SQL Injection vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/up_booking.php. | 7.2 |
| 2022-09-27 | CVE-2022-40354 | SQL Injection vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0 Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_booking.php. | 7.2 |