Lucene search

Doditsolutions Security Vulnerabilities

cve

Bus Booking Script has XSS via the results.php datepicker parameter or the admin/new_master.php spemail parameter.

4.8CVSS

4.9AI Score

0.001EPSS

2017-12-21 05:29 AM

cve

Bus Booking Script has SQL Injection via the admin/view_seatseller.php sp_id parameter or the admin/view_member.php memid parameter.

7.2CVSS

7.5AI Score

0.001EPSS

2017-12-21 05:29 AM

cve

Bus Booking Script has CSRF via admin/new_master.php.

6.8CVSS

6.7AI Score

0.001EPSS

2017-12-21 05:29 AM