CVE-2025-9426 – iSourcecode Online Tour and Travel Management System SQL Injection

August 25, 2025

CVE ID : CVE-2025-9426

Published : Aug. 25, 2025, 11:15 p.m. | 2 hours, 41 minutes ago

Description : A weakness has been identified in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /package.php. Executing manipulation of the argument subcatid can lead to sql injection. The attack may be performed from a remote location. The exploit has been made available to the public and could be exploited.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-9429 – Mtons Mblog Cross Site Scripting Vulnerability

Next Article CVE-2025-9425 – iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

Optimizing PWAs For Different Display Modes

Node.js Web App Development Costs: A 2025 Executive Pricing Guide

Google locking down Android security with upcoming developer verification requirements for sideloaded apps

Microsoft donates DocumentDB to the Linux Foundation

Google can translate your voice in real time now – try it free

The one-click Linux app I use for instant online anonymity

You can try Android 16’s new lock screen widgets – if you have one of these phones

Apple’s iPhone 17 event launch date is official – here’s everything we expect

Password Strength Estimator Validation in Laravel

Password Strength Estimator Validation in Laravel

Laravel’s Enhanced String Validation with Inverse Methods

Using SQLite in production with Laravel

Microsoft Excel just got a Copilot function — but the new AI has some surprising limitations

Microsoft Excel just got a Copilot function — but the new AI has some surprising limitations

Why Final Fantasy XIV fans are review‑bombing the game on Steam

Google Chrome VPN under fire for secretly screenshotting users’ browsing habits

CVE-2025-9426 – iSourcecode Online Tour and Travel Management System SQL Injection

Yemen Cyber Army hacker jailed after stealing millions of people’s data

CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git

Building a custom text-to-SQL agent using Amazon Bedrock and Converse API

Linux 6.16 Released with OpenVPN Speed Boost, 5-Level Paging + More

InvenTree – inventory management system

Make your JS functions smarter and cleaner with default parameters

CVE-2025-39445 – Highwarden Super Store Finder SQL Injection

CVE-2025-3702 – Melapress File Monitor Missing Authorization Vulnerability

CVE-2025-5302 – Llama Index JSONReader Recursive Denial of Service

5 Powerful Ways to Deploy PHP Applications with DeployHQ

CVE-2025-9426 – iSourcecode Online Tour and Travel Management System SQL Injection

Related Posts