CVE-2025-9153 Information
Aug 20, 2025
cve
Description
A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used.
Reference
https://github.com/HjsCS/CVE/issues/4 https://github.com/HjsCS/CVE/issues/4 https://itsourcecode.com/ https://vuldb.com/?ctiid.320533 https://vuldb.com/?id.320533 https://vuldb.com/?submit.630200
Related CNNVD
CNNVD-202508-2208 (Published: 2025-08-19)
Share on: