Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
travel management project travel management vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2019-15773
The nd-travel plugin prior to 1.7 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting.
Travel Management Project Travel Management
7.5
CVSSv2
CVE-2021-25208
Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows malicious users to execute arbitrary code via the file upload to updatepackage.php.
Travel Management System Project Travel Management System 1.0
7.5
CVSSv2
CVE-2021-25213
SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote malicious users to execute arbitrary SQL statements, via the catid parameter to subcat.php.
Travel Management System Project Travel Management System 1.0
NA
CVE-2022-39054
Cowell enterprise travel management system has insufficient filtering for special characters within web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS (Reflected Cross-Site Scripting) attack.
Cowell Enterprise Travel Management System Project Cowell Enterprise Travel Management System -
7.5
CVSSv2
CVE-2022-30054
In Covid 19 Travel Pass Management 1.0, the code parameter is vulnerable to SQL injection attacks.
Covid 19 Travel Pass Management Project Covid 19 Travel Pass Management 1.0
3.5
CVSSv2
CVE-2022-30842
Covid-19 Travel Pass Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ctpms/classes/Users.php?f=save, firstname.
Covid 19 Travel Pass Management System Project Covid 19 Travel Pass Management System 1.0
5.5
CVSSv2
CVE-2022-30408
Covid-19 Travel Pass Management System v1.0 is vulnerable to file deletion via /ctpms/classes/Master.php?f=delete_img.
Covid 19 Travel Pass Management System Project Covid 19 Travel Pass Management System 1.0
6.5
CVSSv2
CVE-2022-30412
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=.
Covid 19 Travel Pass Management System Project Covid 19 Travel Pass Management System 1.0
6.5
CVSSv2
CVE-2022-30414
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=.
Covid 19 Travel Pass Management System Project Covid 19 Travel Pass Management System 1.0
6.5
CVSSv2
CVE-2022-30417
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=.
Covid 19 Travel Pass Management System Project Covid 19 Travel Pass Management System 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »