CVE-2025-57642

Published: Sep 10, 2025Modified: Oct 17, 2025

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and execute arbitrary PHP shell scripts on the server, leading to remote code execution and unauthorized access to the system. This can result in the compromise of sensitive data and system functionality.

Affected (1)

Products: Sohamjuhin: Tourism Management System

1 product

Tourism Management System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sohamjuhin Tourism Management System	Version 2.0

Related CWEs

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (2)

https://github.com/debug-security/CVE/tree/main/CVE-2025-57642

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/sohamjuhin/Tourism-Management-System/issues/2

Source: cve@mitre.org

ExploitIssue Tracking

Timeline

No history available yet.