CVE-2025-9153

A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used.

Published: Aug 19, 2025
Updated: Aug 20, 2025
CVE: CVE-2025-9153
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://github.com/HjsCS/CVE/issues/4
https://itsourcecode.com/
https://vuldb.com/?ctiid.320533
https://vuldb.com/?id.320533
https://vuldb.com/?submit.630200

Vulnerability Database

CVE-2025-9153