CVE-2025-9155 | itsourcecode Online Tour and Travel Management System 1.0 forget_password.php email sql injection

Inserito da Angelo Barbosa | Ago 19, 2025 | CVE

A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0 and classified as critical. Impacted is an unknown function of the file /user/forget_password.php. Such manipulation of the argument email leads to sql injection.

This vulnerability is traded as CVE-2025-9155. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-9155 | itsourcecode Online Tour and Travel Management System 1.0 forget_password.php email sql injection

Post correlati

CVE-2025-54452 | Samsung Electronics MagicINFO 9 Server 21.1050/21.1052 improper authentication

CVE-2024-5163 | TECNO com.transsion.carlcare 5.8.1.4 Setting permission

CVE-2024-24904 | Dell Secure Connect Gateway prior 5.22.00.16 Trusted Application Data Store cross site scripting (dsa-2024-077)

CVE-2025-0411 | 7-zip up to 24.07 Mark-of-the-Web protection mechanism