CNNVD-202508-1781 Information

Aug 14, 2025 cve

CNNVD ID

CNNVD-202508-1781

CVE-2025-8984

CNNVD Published: 2025-08-14

Description (Chinese)

itsourcecode Online Tour and Travel Management System是itsourcecode开源的一个在线旅游与旅行管理系统。 itsourcecode Online Tour and Travel Management System 1.0版本存在注入漏洞，该漏洞源于对文件/admin/operations/expense_category.php中参数expense_name的错误操作导致SQL注入。

Description (English)

Its sourcecode Online Tour and Travel Management System is an online tourism and travel management system open to access. Its sourcecode Online Tour and Travel Management System Version 1.0 has an injection loophole, which results from an error in the use of the parameter expense name in the document/admin/operations/expense cate.php.

Hazard Level

Medium

Vulnerability Type

注入

Affected Vendor

itsourcecode

Published

2025-08-14

Last Modified

2026-02-24

References

https://vuldb.com/?submit.628661 https://github.com/zhuyi-hz/cve/issues/7 https://vuldb.com/?ctiid.319980 https://vuldb.com/?id.319980 https://itsourcecode.com/ https://access.redhat.com/security/cve/cve-2025-8984 https://nvd.nist.gov/vuln/detail/CVE-2025-8984

Share on: