Filtered by vendor Phpgurukul
Subscriptions
Filtered by product Tourism Management System
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-32254 | 1 Phpgurukul | 1 Tourism Management System | 2024-11-21 | 8.8 High |
| Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via tms/admin/create-package.php. When creating a new package, there is no checks for what types of files are uploaded from the image. | ||||
| CVE-2022-30930 | 1 Phpgurukul | 1 Tourism Management System | 2024-11-21 | 4.3 Medium |
| Tourism Management System Version: V 3.2 is affected by: Cross Site Request Forgery (CSRF). | ||||
| CVE-2020-28136 | 1 Phpgurukul | 1 Tourism Management System | 2024-11-21 | 8.8 High |
| An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page. | ||||
| CVE-2024-41333 | 1 Phpgurukul | 1 Tourism Management System | 2024-08-08 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter. | ||||
Page 1 of 1.