Vulnerabilities > Online Travel Agency System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-17 | CVE-2023-31938 | SQL Injection vulnerability in Online Travel Agency System Project Online Travel Agency System 1.0 SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_detail.php. | 7.2 |
| 2023-08-17 | CVE-2023-31939 | SQL Injection vulnerability in Online Travel Agency System Project Online Travel Agency System 1.0 SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomer_id parameter at customer_edit.php. | 7.2 |
| 2023-08-17 | CVE-2023-31940 | SQL Injection vulnerability in Online Travel Agency System Project Online Travel Agency System 1.0 SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the page_id parameter at article_edit.php. | 7.2 |
| 2023-08-17 | CVE-2023-31941 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Travel Agency System Project Online Travel Agency System 1.0 File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the employee_insert.php. | 7.2 |
| 2023-08-17 | CVE-2023-31942 | Cross-site Scripting vulnerability in Online Travel Agency System Project Online Travel Agency System 1.0 Cross Site Scripting vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the description parameter in insert.php. | 4.8 |
| 2023-08-17 | CVE-2023-31943 | SQL Injection vulnerability in Online Travel Agency System Project Online Travel Agency System 1.0 SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the ticket_id parameter at ticket_detail.php. | 7.2 |
| 2023-08-17 | CVE-2023-31944 | SQL Injection vulnerability in Online Travel Agency System Project Online Travel Agency System 1.0 SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_edit.php. | 7.2 |
| 2023-08-17 | CVE-2023-31945 | SQL Injection vulnerability in Online Travel Agency System Project Online Travel Agency System 1.0 SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the id parameter at daily_expenditure_edit.php. | 7.2 |
| 2023-08-17 | CVE-2023-31946 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Travel Agency System Project Online Travel Agency System 1.0 File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the artical.php. | 7.2 |