Filtered by vendor Vehicle Service Management System Project
Subscribe
Total
14 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-46075 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-07-12 | 6.5 MEDIUM | 7.2 HIGH |
A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations. | |||||
CVE-2021-46080 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-13 | 3.5 LOW | 4.8 MEDIUM |
A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability. | |||||
CVE-2021-46078 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-13 | 3.5 LOW | 4.8 MEDIUM |
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability. | |||||
CVE-2021-46067 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-13 | 7.5 HIGH | 9.8 CRITICAL |
In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover. | |||||
CVE-2021-46076 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-12 | 6.5 MEDIUM | 8.8 HIGH |
Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution. | |||||
CVE-2021-46079 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-12 | 6.5 MEDIUM | 7.2 HIGH |
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection. | |||||
CVE-2021-46074 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-11 | 3.5 LOW | 4.8 MEDIUM |
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel. | |||||
CVE-2021-46073 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-11 | 3.5 LOW | 4.8 MEDIUM |
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. | |||||
CVE-2021-46071 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-10 | 3.5 LOW | 4.8 MEDIUM |
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. | |||||
CVE-2021-46072 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-07 | 3.5 LOW | 4.8 MEDIUM |
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. | |||||
CVE-2021-46070 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-07 | 3.5 LOW | 4.8 MEDIUM |
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel. | |||||
CVE-2021-46069 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-07 | 3.5 LOW | 4.8 MEDIUM |
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel. | |||||
CVE-2021-46068 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-07 | 3.5 LOW | 4.8 MEDIUM |
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. | |||||
CVE-2021-41962 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2021-12-20 | 3.5 LOW | 4.8 MEDIUM |
Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Owner fullname parameter in a Send Service Request in vehicle_service. |