CNNVD-202509-4302 Information

CNNVD ID

CNNVD-202509-4302

Related CVE

CVE-2025-11103

• CNNVD Published: 2025-09-28

Description (Chinese)

Projectworlds Online Tours and Travels是印度Projectworlds公司的一个在线旅游和旅行程序。 Projectworlds Online Tours and Travels 1.0版本存在代码问题漏洞，该漏洞源于文件/admin/change-image.php中参数packageimage的操作不当，可能导致任意文件上传。

Description (English)

Projectworlds Online Tours and Travels are an online travel and travel programme of Projectworlds India. Projectworlds Online Tours and Travels 1.0 have a code problem loophole, which stems from the inappropriate operation of the parameter package in file/admin/change-image.php, which may lead to the uploading of any file.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Projectworlds

Published

2025-09-28

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.326184 https://vuldb.com/?submit.662395 https://vuldb.com/?id.326184 https://github.com/Landjun/CVE/issues/1 https://access.redhat.com/security/cve/cve-2025-11103