Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at...
9.8CVSS
9.8AI Score
0.003EPSS
Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata...
6.1CVSS
6AI Score
0.001EPSS
Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-detail.php, and...
9.8CVSS
9.6AI Score
0.002EPSS
An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive...
6.5CVSS
6.3AI Score
0.004EPSS
In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or...
7.5CVSS
7.4AI Score
0.001EPSS
In Bus Pass Management System v1.0, parameters 'pagedes' and About Us are affected with a Stored Cross-site scripting...
5.4CVSS
5.3AI Score
0.001EPSS