Travel Management System Project: Security Vulnerabilities
Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php.
CVSS Score
9.8
EPSS Score
0.01
Published
2021-07-23
SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the catid parameter to subcat.php.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-07-22