CVE-2022-41537EPSS p60.0%
CVE-2022-41537CVE-2022-41537
online_tours_\&_travels_management_system_project / online_tours_\&_travels_management_system
Description
Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /user_operations/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
Scoring
| CVSS | 7.2 () |
| Vector | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| EPSS | 1.06% probability of exploitation · percentile 60.0% · 2026-06-19T12:03:05Z |
| Last modified | 2026-06-17 |