26 matches found
EUVD-2020-23054
Malware in sbrugna...
CVE-2024-42762
A Stored Cross Site Scripting XSS vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields...
CVE-2024-42761
A Stored Cross Site Scripting XSS vulnerability was found in "/adminschedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parameter...
CVE-2024-42766
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php...
CVE-2024-42763
A Reflected Cross Site Scripting XSS vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate" parameter...
CVE-2024-42765
A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters...
CVE-2020-35378
SQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields...
Kashipara Bus Ticket Reservation System Cross-Site Scripting Vulnerability (CNVD-2024-38206)
Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. A cross-site scripting vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in /adminschedule.php, and can be...
Kashipara Bus Ticket Reservation System Cross-Site Scripting Vulnerability (CNVD-2024-38207)
Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. A cross-site scripting vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the bookingdate parameter of...
CVE-2024-42766
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php...
CVE-2024-42764
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery CSRF via /deleteTicket.php...
CVE-2024-42764
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery CSRF via /deleteTicket.php...
CVE-2024-42765
CVE-2024-42765 describes a SQL injection in Kashipara Bus Ticket Reservation System v1.0, triggered on the "/login.php" page via the email or password parameters due to lack of input validation. Exploitation permits remote attackers to execute arbitrary SQL and bypass login, potentially gaining u...
CVE-2024-42765
A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters...
CVE-2024-42766
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php...
CVE-2024-42763
A Reflected Cross Site Scripting XSS vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate" parameter...
CVE-2024-42762
A Stored Cross Site Scripting XSS vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields...
CVE-2024-42763
CVE-2024-42763 : A reflected XSS in Kashipara Bus Ticket Reservation System v1.0, exploitable via the /schedule.php?bookingdate parameter. The root cause is insufficient filtering/escaping of user input for bookingdate, enabling arbitrary script execution. Documented by multiple sources (NVD, Red...
Kashipara Bus Ticket Reservation System 安全漏洞
Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. A cross-site scripting vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the bookingdate parameter of...
CVE-2024-42763
A Reflected Cross Site Scripting XSS vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate" parameter...