CVE-2025-11103 | Projectworlds Online Tours and Travels 1.0 /admin/change-image.php packageimage unrestricted upload

A vulnerability marked as critical has been reported in Projectworlds Online Tours and Travels 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/change-image.php. The manipulation of the argument packageimage leads to unrestricted upload.

This vulnerability is listed as CVE-2025-11103. The attack may be initiated remotely. In addition, an exploit is available.VulDB Recent EntriesRead More