Lucene search
K

13 matches found

OSV
OSV
added 2024/08/23 3:15 p.m.3 views

CVE-2024-42765

A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters...

9.8CVSS6.1AI score0.00694EPSS
Exploits1References2
NVD
NVD
added 2024/08/23 3:15 p.m.12 views

CVE-2024-42766

Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php...

5.4CVSS0.00296EPSS
Exploits0References2
CVE
CVE
added 2024/08/23 12:0 a.m.54 views

CVE-2024-42764

CVE-2024-42764 affects Kashipara Bus Ticket Reservation System v1.0. The public details show a CSRF vulnerability in /deleteTicket.php that allows forging requests without user interaction, aligning with a network-based attack vector. The CVE metrics describe low confidentiality impact but high i...

9.4CVSS7.3AI score0.00299EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/23 12:0 a.m.11 views

CVE-2024-42766

Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php...

6.9AI score0.00296EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/23 12:0 a.m.18 views

CVE-2024-42765

A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters...

8.8AI score0.00694EPSS
Exploits1References2
CVE
CVE
added 2024/08/23 12:0 a.m.49 views

CVE-2024-42766

Kashipara Bus Ticket Reservation System v1.0.0 is reported vulnerable to Incorrect Access Control via the /deleteTicket.php endpoint, enabling unauthorized actions such as deleting bookings. The root cause is broken access control; the impact is access/modify/admin actions outside the intended pe...

5.4CVSS7.1AI score0.00296EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/08/22 9:15 p.m.5 views

CVE-2024-42761

A Stored Cross Site Scripting XSS vulnerability was found in "/adminschedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parameter...

6.1CVSS6.1AI score0.00444EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.8 views

PT-2024-30132 · Unknown · Kashipara Bus Ticket Reservation System

Name of the Vulnerable Software and Affected Versions: Kashipara Bus Ticket Reservation System version 1.0 Description: A Stored Cross Site Scripting XSS issue was found in the "/history.php" endpoint, allowing remote attackers to execute arbitrary code via the Name, Phone, and Email parameter...

5.4CVSS6.8AI score0.00415EPSS
Exploits1References7
OSV
OSV
added 2022/06/02 2:15 p.m.4 views

CVE-2022-30817

Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php...

9.8CVSS7.4AI score0.01081EPSS
Exploits1References1
NVD
NVD
added 2022/06/02 2:15 p.m.20 views

CVE-2022-30817

Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php...

9.8CVSS0.01081EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.4 views

Simple Bus Ticket Booking System SQL注入漏洞

Simple Bus Ticket Booking System is a bus ticket booking system. version 1.0 of Simple Bus Ticket Booking System is vulnerable to SQL injection attack via /SimpleBusTicket/index.php...

9.8CVSS5.8AI score0.01081EPSS
Exploits1References2
OSV
OSV
added 2022/05/11 1:15 p.m.4 views

CVE-2022-29317

Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerbilities via the username and password parameters at /assets/partials/handleLogin.php...

9.8CVSS5.8AI score0.00874EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/11 1:15 p.m.1 views

CVE-2022-29317

Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerbilities via the username and password parameters at /assets/partials/handleLogin.php...

9.8CVSS5.9AI score0.00874EPSS
Exploits0References3
Rows per page
Query Builder