Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Automotive Shop Management System Project Subscribe
Total 18 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-44838 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-12-12 N/A 7.2 HIGH
Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /services/view_service.php.
CVE-2022-44860 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-28 N/A 7.2 HIGH
Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/transactions/update_status.php.
CVE-2022-44858 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-28 N/A 7.2 HIGH
Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/products/view_product.php.
CVE-2022-44859 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-28 N/A 7.2 HIGH
Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/admin/products/manage_product.php.
CVE-2022-44280 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-28 N/A 6.5 MEDIUM
Automotive Shop Management System v1.0 is vulnerable to Delete any file via /asms/classes/Master.php?f=delete_img.
CVE-2022-44378 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-20 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL via /asms/classes/Master.php?f=delete_mechanic.
CVE-2022-44379 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-20 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_service.
CVE-2022-44414 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-19 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/services/manage_service.php?id=.
CVE-2022-44413 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-19 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/manage_mechanic.php?id=.
CVE-2022-44415 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-19 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/view_mechanic.php?id=.
CVE-2022-44820 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-19 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=transactions/manage_transaction&id=.
CVE-2022-44402 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-18 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_transaction.
CVE-2022-44403 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-18 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=user/manage_user&id=.
CVE-2022-30495 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-06-10 7.5 HIGH 9.8 CRITICAL
In oretnom23 Automotive Shop Management System v1.0, the name id parameter is vulnerable to IDOR - Broken Access Control allowing attackers to change the admin password(vertical privilege escalation)
CVE-2022-30494 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-06-03 3.5 LOW 5.4 MEDIUM
In oretnom23 Automotive Shop Management System v1.0, the first and last name user fields suffer from a stored XSS Injection Vulnerability allowing remote attackers to gain admin access and view internal IPs.
CVE-2022-30493 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-06-03 10.0 HIGH 9.8 CRITICAL
In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credential and gain admin access(privilege escalation).
CVE-2022-30463 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-05-28 6.5 MEDIUM 8.8 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_product.
CVE-2022-30458 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-05-28 3.5 LOW 5.4 MEDIUM
Automotive Shop Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /asms/classes/Master.php?f=save_product, name.