A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forget_password.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/HjsCS/CVE/issues/2 | Exploit Issue Tracking |
https://itsourcecode.com/ | Product |
https://vuldb.com/?ctiid.320535 | Permissions Required VDB Entry |
https://vuldb.com/?id.320535 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.630202 | Third Party Advisory VDB Entry |
Configurations
History
21 Aug 2025, 18:40
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mayurik
Mayurik online Tour \& Travel Management System |
|
References | () https://github.com/HjsCS/CVE/issues/2 - Exploit, Issue Tracking | |
References | () https://itsourcecode.com/ - Product | |
References | () https://vuldb.com/?ctiid.320535 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.320535 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.630202 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:mayurik:online_tour_\&_travel_management_system:1.0:*:*:*:*:*:*:* |
20 Aug 2025, 14:40
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
19 Aug 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-08-19 20:15
Updated : 2025-08-21 18:40
NVD link : CVE-2025-9155
Mitre link : CVE-2025-9155
CVE.ORG link : CVE-2025-9155
JSON object : View
Products Affected
mayurik
- online_tour_\&_travel_management_system