CVE-2025-9153 | itsourcecode Online Tour and Travel Management System 1.0 travellers.php photo unrestricted upload

Inserito da Angelo Barbosa | Ago 19, 2025 | CVE

A vulnerability, which was classified as critical, was found in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload.

This vulnerability is reported as CVE-2025-9153. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-9153 | itsourcecode Online Tour and Travel Management System 1.0 travellers.php photo unrestricted upload

Post correlati

CVE-2024-28865 | django-wiki up to 0.10.0 on Django Article redos (GHSA-wj85-w4f4-xh8h)

CVE-2024-2555 | SourceCodester Employee Task Management System 1.0 update-admin.php admin_id sql injection

CVE-2024-32499 | Newforma Project Center Server up to 2023.3.0.32259 .NET Remoting code injection

CVE-2025-6023 | Grafana up to 11.3.8/11.4.6/11.5.6/11.6.3/12.0.2 redirect