CVE-2025-9426 | itsourcecode Online Tour and Travel Management System 1.0 /package.php subcatid sql injection

Inserito da Angelo Barbosa | Ago 25, 2025 | CVE

A vulnerability labeled as critical has been found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /package.php. Executing manipulation of the argument subcatid can lead to sql injection.

This vulnerability appears as CVE-2025-9426. The attack may be performed from a remote location. In addition, an exploit is available.

CVE-2025-9426 | itsourcecode Online Tour and Travel Management System 1.0 /package.php subcatid sql injection

Post correlati

CVE-2022-48703 | Linux Kernel up to 5.19.8 kmemdup null pointer dereference (dae42083b045/7931e28098a4)

CVE-2024-30308 | Adobe Substance 3D Painter up to 9.1.2 out-of-bounds (apsb24-31)

CVE-2025-1548 | iteachyou Dreamer CMS 4.1.3 /admin/archives/edit editorValue/answer/content cross site scripting

CVE-2025-54667 | myCred Plugin up to 2.9.4.3 on WordPress race condition