Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Bus Pass Management System Project Subscribe
Filtered by product Bus Pass Management System
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-29008 1 Bus Pass Management System Project 1 Bus Pass Management System 2022-10-06 4.0 MEDIUM 6.5 MEDIUM
An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information.
CVE-2022-35155 1 Bus Pass Management System Project 1 Bus Pass Management System 2022-10-05 N/A 6.1 MEDIUM
Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata parameter.
CVE-2022-35156 1 Bus Pass Management System Project 1 Bus Pass Management System 2022-10-05 N/A 9.8 CRITICAL
Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php..
CVE-2022-36198 1 Bus Pass Management System Project 1 Bus Pass Management System 2022-08-23 N/A 9.8 CRITICAL
Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-detail.php, and buspassms/admin/edit-pass-detail.php
CVE-2021-44317 1 Bus Pass Management System Project 1 Bus Pass Management System 2021-12-21 3.5 LOW 5.4 MEDIUM
In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability.
CVE-2021-44315 1 Bus Pass Management System Project 1 Bus Pass Management System 2021-12-21 5.0 MEDIUM 7.5 HIGH
In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.