漏洞描述
itsourcecode Online Tour and Travel Management System是itsourcecode开源的一个在线旅游与旅行管理系统。 itsourcecode Online Tour and Travel Management System 1.0版本存在注入漏洞,该漏洞源于对文件/admin/operations/packages.php中参数pname的错误操作导致SQL注入。
itsourcecode Online Tour and Travel Management System 注入漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2021-4462: Employee Records System 1.0 - Unauthenticated File Upload RCE
- POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
- 中成科信票务管理系统 /SystemManager/Api/TicketManager.ashx SQL 注入漏洞
- 新视窗新一代物业管理系统 /OfficeManagement/RegisterManager/Report/Training/Report/GetprintData.asmx SQL 注入漏洞
- 泛微e-office /E-mobile/App/System/UserSelect/dept.php 未授权访问漏洞
- School Fees Payment System /student.php SQL 注入漏洞(CVE-2025-6403)
- (CVE-2021-4462)Employee Records System 1.0任意文件上传漏洞
- POC CVE-2025-6403: Code-Projects School Fees Payment System 1.0 - SQL Injection
- 中成科信票务管理系统 /SystemManager/OrderManager/OrderManager.ashx 文件读取漏洞
- 亿赛通电子文档安全管理系统 /CDGServer3/logManagement/LogDownLoadService SQL 注入漏洞
- HJSoft HCM Human Resources Management System /selfservice/lawresource/downlawbase SQL 注入漏洞(CVE-2025-10197)
- Project-Online-Shopping-Website SQL注入漏洞
- Code-Projects Project Monitoring System SQL注入漏洞