23 matches found
EUVD-2021-24286
Malware in sbrugna...
PHPGurukul Vehicle Parking Management System 安全漏洞
Vehicle Parking Management System is a parking management system. Vehicle Parking Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter searchdata in file /admin/search-vehicle.php. An attacke...
CVE-2024-3369
A vulnerability, which was classified as critical, has been found in code-projects Car Rental 1.0. Affected by this issue is some unknown functionality of the file add-vehicle.php. The manipulation of the argument Upload Image leads to unrestricted upload. The attack may be launched remotely. The...
CVE-2024-57488
Code-Projects Online Car Rental System 1.0 is vulnerable to Cross Site Scripting XSS via the vehicalorcview parameter in /admin/edit-vehicle.php...
CVE-2024-42568
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php...
CVE-2024-10331 PHPGurukul Vehicle Record System search-vehicle.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Vehicle Record System 1.0. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipulation of the argument searchinputdata leads to sql injection. The attack may be initiated remotel...
CVE-2024-42568
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php...
CVE-2024-42568
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php...
CVE-2024-42568
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php...
PT-2024-30028 · Unknown · School Management System
Name of the Vulnerable Software and Affected Versions: School Management System affected versions not specified Description: A SQL injection issue was discovered in the School Management System, specifically via the transport parameter at the "vehicle.php" endpoint. This allows for potential...
CVE-2024-42568
CVE-2024-42568 affects the School Management System. The vulnerability is an SQL injection in the transport parameter of the vehicle.php endpoint. According to the records, the attack vector is network-based with no authentication or user interaction required, and the CVSS 3.1 vector is AV:N/AC:L...
CVE-2024-3369 code-projects Car Rental add-vehicle.php unrestricted upload
A vulnerability, which was classified as critical, has been found in code-projects Car Rental 1.0. Affected by this issue is some unknown functionality of the file add-vehicle.php. The manipulation of the argument Upload Image leads to unrestricted upload. The attack may be launched remotely. The...
CVE-2024-3369
CVE-2024-3369 affects code-projects Car Rental 1.0. The vulnerability is in add-vehicle.php, where manipulation of the Upload Image parameter enables unrestricted file upload. This can be exploited remotely and has been disclosed publicly, classed as critical with high impact to confidentiality, ...
Simple Car Rental System 代码问题漏洞
Simple Car Rental System is a simple car rental application. A code issue vulnerability exists in version 1.0 of Simple Car Rental System due to a file upload vulnerability in the parameter Upload Image of the file add-vehicle.php...
CVE-2022-43083
An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43083
CVE-2022-43083 affects Vehicle Booking System v1.0 via an arbitrary file upload in admin-add-vehicle.php that allows code execution through a crafted PHP file. The base vulnerability is confirmed across multiple sources (NVD/Red Hat/CNVD/CVE list). CVSS v3.1 base score 7.2 (High): network attack ...
CVE-2022-43083
An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43084
CVE-2022-43084 describes a cross-site scripting (XSS) vulnerability in Vehicle Booking System v1.0, specifically in the admin-add-vehicle.php page. The flaw arises from insufficient input sanitization of the v_name parameter, allowing an attacker to inject arbitrary web scripts or HTML via a craf...
CVE-2021-37805
A Stored Cross Site Scripting XSS vunerability exists in Sourcecodeste Vehicle Parking Management System affected version 1.0 is via the add-vehicle.php endpoint...
Cross site scripting
A Stored Cross Site Scripting XSS vunerability exists in Sourcecodeste Vehicle Parking Management System affected version 1.0 is via the add-vehicle.php endpoint...