34 matches found
CVE-2024-42762
A Stored Cross Site Scripting XSS vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields...
CVE-2024-42761
A Stored Cross Site Scripting XSS vulnerability was found in "/adminschedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parameter...
CVE-2024-42766
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php...
CVE-2024-42763
A Reflected Cross Site Scripting XSS vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate" parameter...
CVE-2024-42765
A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters...
CVE-2024-42764
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery CSRF via /deleteTicket.php...
Kashipara Bus Ticket Reservation System Access Control Error Vulnerability
Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. An access control error vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which can be exploited by attackers to cause unauthorized operation...
Kashipara Bus Ticket Reservation System Cross-Site Request Forgery Vulnerability
Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. A cross-site request forgery vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which stems from /deleteTicket.php not adequately verifying that the request comes from a trusted user, and can be...
Kashipara Bus Ticket Reservation System Cross-Site Scripting Vulnerability (CNVD-2024-38206)
Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. A cross-site scripting vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in /adminschedule.php, and can be...
Kashipara Bus Ticket Reservation System Cross-Site Scripting Vulnerability
Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. A cross-site scripting vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the Name, Phone, and Email...
CVE-2024-42764
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery CSRF via /deleteTicket.php...
CVE-2024-42764
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery CSRF via /deleteTicket.php...
CVE-2024-42765
A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters...
CVE-2024-42766
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php...
CVE-2024-42766
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php...
Kashipara Bus Ticket Reservation System 安全漏洞
Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. A SQL injection vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which stems from the application's lack of validation of externally-entered SQL statements, and can be exploited by a remote...
CVE-2024-42766
Kashipara Bus Ticket Reservation System v1.0.0 is reported vulnerable to Incorrect Access Control via the /deleteTicket.php endpoint, enabling unauthorized actions such as deleting bookings. The root cause is broken access control; the impact is access/modify/admin actions outside the intended pe...
CVE-2024-42764
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery CSRF via /deleteTicket.php...
Kashipara Bus Ticket Reservation System 安全漏洞
Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. A cross-site request forgery vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which stems from /deleteTicket.php not adequately verifying that the request comes from a trusted user, and can be...
CVE-2024-42764
CVE-2024-42764 affects Kashipara Bus Ticket Reservation System v1.0. The public details show a CSRF vulnerability in /deleteTicket.php that allows forging requests without user interaction, aligning with a network-based attack vector. The CVE metrics describe low confidentiality impact but high i...