Lucene search

Bus Pass Management System Security Vulnerabilities

cve

CVE-2022-35156

Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at...

9.8CVSS

9.8AI Score

0.003EPSS

2022-09-30 07:15 PM

cve

CVE-2022-35155

Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata...

6.1CVSS

6AI Score

0.001EPSS

2022-09-30 07:15 PM

cve

CVE-2022-36198

Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-detail.php, and...

9.8CVSS

9.6AI Score

0.002EPSS

2022-08-22 01:15 AM

cve

CVE-2022-29008

An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive...

6.5CVSS

6.3AI Score

0.004EPSS

2022-05-11 02:15 PM

cve

CVE-2021-44315

In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or...

7.5CVSS

7.4AI Score

0.001EPSS

2021-12-16 07:15 PM

cve

CVE-2021-44317

In Bus Pass Management System v1.0, parameters 'pagedes' and About Us are affected with a Stored Cross-site scripting...

5.4CVSS

5.3AI Score

0.001EPSS

2021-12-16 07:15 PM