CNNVD-202508-1778 Information

CNNVD ID

CNNVD-202508-1778

Related CVE

CVE-2025-8981

• CNNVD Published: 2025-08-14

Description (Chinese)

itsourcecode Online Tour and Travel Management是itsourcecode开源的一个在线旅游与旅行管理系统。 itsourcecode Online Tour and Travel Management 1.0版本存在注入漏洞，该漏洞源于对文件/admin/operations/payment.php中参数payment_type的错误操作导致SQL注入。

Description (English)

Its sourcecode Online Tour and Travel Management is an online tourism and travel management system that is open to access. Its sourcecode Online Tour and Travel Management Version 1.0 has an injection loophole, which results from an error in the performance of the parameter in the document/admin/operations/payment.php that caused the SQL injection.

Hazard Level

Medium

Vulnerability Type

注入

Affected Vendor

itsourcecode

Published

2025-08-14

Last Modified

2026-02-24

References

https://vuldb.com/?id.319977 https://vuldb.com/?submit.628658 https://vuldb.com/?ctiid.319977 https://itsourcecode.com/ https://github.com/zhuyi-hz/cve/issues/10 https://access.redhat.com/security/cve/cve-2025-8981 https://nvd.nist.gov/vuln/detail/CVE-2025-8981