CVE-2025-9009 | itsourcecode Online Tour and Travel Management System 1.0 /admin/email_setup.php Name sql injection

Inserito da Angelo Barbosa | Ago 13, 2025 | CVE

A vulnerability classified as critical has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/email_setup.php. The manipulation of the argument Name leads to sql injection.

This vulnerability is traded as CVE-2025-9009. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-9009 | itsourcecode Online Tour and Travel Management System 1.0 /admin/email_setup.php Name sql injection

Post correlati

CVE-2025-4309 | PHPGurukul Art Gallery Management System 1.1 /admin/add-art-type.php arttype sql injection

CVE-2024-2080 | LiquidPoll Plugin up to 3.3.76 on WordPress information disclosure

CVE-2024-1036 | openBI up to 1.0.8 Icon Screen.php uploadIcon unrestricted upload

CVE-2024-30329 | Foxit PDF Reader Annotation use after free