CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-0229 – code-projects Travel Management System enquiry.php sql injection
https://notcve.org/view.php?id=CVE-2025-0229
05 Jan 2025 — A vulnerability, which was classified as critical, has been found in code-projects Travel Management System 1.0. This issue affects some unknown processing of the file /enquiry.php. The manipulation of the argument pid/t1/t2/t3/t4/t5/t6/t7 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-12950 – code-projects/projectworlds Travel Management System subcat.php sql injection
https://notcve.org/view.php?id=CVE-2024-12950
26 Dec 2024 — A vulnerability was found in code-projects Travel Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /subcat.php. The manipulation of the argument catid leads to sql injection. The attack may be initiated remotely. • https://code-projects.org • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12949 – code-projects Travel Management System package.php sql injection
https://notcve.org/view.php?id=CVE-2024-12949
26 Dec 2024 — A vulnerability was found in code-projects Travel Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /package.php. The manipulation of the argument subcatid leads to sql injection. The attack can be initiated remotely. • https://code-projects.org • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12948 – code-projects Travel Management System detail.php sql injection
https://notcve.org/view.php?id=CVE-2024-12948
26 Dec 2024 — A vulnerability was found in code-projects Travel Management System 1.0. It has been classified as critical. This affects an unknown part of the file /detail.php. The manipulation of the argument pid leads to sql injection. It is possible to initiate the attack remotely. • https://code-projects.org • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30838
https://notcve.org/view.php?id=CVE-2022-30838
24 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=update_application_status Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de /ctpms/classes/Master.php?f=update_application_status • https://github.com/mikeccltt/bug_report_CVE/blob/main/Covid-19-Travel-Pass-Management-System/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30842
https://notcve.org/view.php?id=CVE-2022-30842
24 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ctpms/classes/Users.php?f=save, firstname. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a un ataque de tipo Cross Site Scripting (XSS) por medio de /ctpms/classes/Users.php?f=save, firstname • https://github.com/mikeccltt/bug_report_CVE/blob/main/Covid-19-Travel-Pass-Management-System/xss.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30411
https://notcve.org/view.php?id=CVE-2022-30411
13 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de /ctpms/admin/?page=individuals/view_individual&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30412
https://notcve.org/view.php?id=CVE-2022-30412
13 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de /ctpms/admin/individuals/update_status.php?id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-3.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30413
https://notcve.org/view.php?id=CVE-2022-30413
13 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=delete_application. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de /ctpms/classes/Master.php?f=delete_application • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30414
https://notcve.org/view.php?id=CVE-2022-30414
13 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de /ctpms/admin/?page=applications/view_application&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-4.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •