CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9816 – Codezips Tourist Management System change-image.php unrestricted upload
https://notcve.org/view.php?id=CVE-2024-9816
A vulnerability was found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/change-image.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ppp-src/CVE/issues/13 https://vuldb.com/?ctiid.279968 https://vuldb.com/?id.279968 https://vuldb.com/?submit.418918 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9815 – Codezips Tourist Management System create-package.php unrestricted upload
https://notcve.org/view.php?id=CVE-2024-9815
A vulnerability has been found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/create-package.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ppp-src/CVE/issues/12 https://vuldb.com/?ctiid.279967 https://vuldb.com/?id.279967 https://vuldb.com/?submit.418917 • CWE-434: Unrestricted Upload of File with Dangerous Type •