CVE-2025-9053 | projectworlds Travel Management System 1.0 /updatesubcategory.php t1/s1 sql injection

Inserito da Angelo Barbosa | Ago 14, 2025 | CVE

A vulnerability was found in projectworlds Travel Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /updatesubcategory.php. The manipulation of the argument t1/s1 leads to sql injection.

This vulnerability was named CVE-2025-9053. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-9053 | projectworlds Travel Management System 1.0 /updatesubcategory.php t1/s1 sql injection

Post correlati

CVE-2024-39932 | Gogs up to 0.13.0 Change Preview argument injection

CVE-2025-49590 | CryptPad 1.1.1/3.0.0 Link Bouncer incomplete denylist to cross-site scripting (GHSA-vq9h-x3gr-v8rj)

CVE-2023-42227 | Pat Infinite Solutions HelpdeskAdvanced up to 11.0.33 WSCView/Save path traversal

CVE-2024-35162 | WPFactory Download Plugins and Themes from Dashboard Plugin up to 1.8.5 path traversal