Vulnerabilities > Phpgurukul > Tourism Management System

DATE CVE VULNERABILITY TITLE RISK
2024-08-06 CVE-2024-41333 Cross-site Scripting vulnerability in PHPgurukul Tourism Management System 2.0
A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter.
network
low complexity
phpgurukul CWE-79
6.1
6.1
2024-02-23 CVE-2024-1822 Unspecified vulnerability in PHPgurukul Tourism Management System 1.0
A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System 1.0.
network
low complexity
phpgurukul
6.1
6.1
2022-06-14 CVE-2022-30930 Cross-Site Request Forgery (CSRF) vulnerability in PHPgurukul Tourism Management System 3.2
Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF).
network
low complexity
phpgurukul CWE-352
4.3
4.3
2020-11-17 CVE-2020-28136 Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Tourism Management System 1.0
An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page.
network
low complexity
phpgurukul CWE-434
8.8
8.8