Lucene search
K
Auto Dealer Management System ProjectAuto Dealer Management System

6 matches found

CVE
CVE
added 2023/02/18 7:34 p.m.94 views

CVE-2023-0913

CVE-2023-0913 affects SourceCodester Auto Dealer Management System 1.0. The vulnerability is an SQL injection in the /adms/admin/?page=vehicles/sell_vehicle endpoint triggered by manipulating the id parameter. It is exploitable remotely and has public exploits (e.g., Exploit-DB entry Auto Dealer ...

8.8CVSS6.9AI score0.01635EPSS
Web
CVE
CVE
added 2023/04/14 12:0 a.m.57 views

CVE-2023-27666

CVE-2023-27666 affects Auto Dealer Management System v1.0. The issue is a cross-site scripting (XSS) vulnerability in the name parameter of the API endpoint /classes/SystemSettings.php?f=update_settings, as described in multiple sources in the connected documents. The CVSS 3.1 metrics indicate a ...

6.1CVSS6AI score0.00472EPSS
Web
CVE
CVE
added 2023/02/19 8:10 a.m.54 views

CVE-2023-0916

CVE-2023-0916 affects SourceCodester Auto Dealer Management System 1.0, tied to improper access controls in the /adms/classes/Users.php functionality. The vulnerability enables remote exploitation and has public disclosure (exploit DB entry shows “Broken Access Control” leading to compromise of a...

8.8CVSS7.6AI score0.03074EPSS
Web
CVE
CVE
added 2023/02/18 7:33 p.m.51 views

CVE-2023-0912

CVE-2023-0912 affects SourceCodester Auto Dealer Management System 1.0. A SQL injection vulnerability exists in the /adms/admin/?page=vehicles/view_transaction endpoint caused by manipulating the id parameter, with remote exploitation possible. Public exploits/disclosures exist (e.g., Exploit-DB,...

8.8CVSS6.8AI score0.01635EPSS
Web
CVE
CVE
added 2023/02/19 8:8 a.m.44 views

CVE-2023-0915

SourceCodester Auto Dealer Management System 1.0 is affected by CVE-2023-0915, a SQL injection in the admin endpoint /adms/admin/?page=user/manage_user caused by manipulating the id parameter. The vulnerability allows remote exploitation and has publicly disclosed exploits. Several connected sour...

8.8CVSS7.7AI score0.01728EPSS
Web
CVE
CVE
added 2023/04/13 12:0 a.m.42 views

CVE-2023-27667

CVE-2023-27667 affects Auto Dealer Management System v1.0 via a SQL injection vulnerability. The attack surface is network-accessible and can lead to confidentiality, integrity, and availability impacts (per CVSS 3.1: 9.8, CRITICAL). Public sources indicate an attacker could exploit SQL injection...

9.8CVSS9.7AI score0.00731EPSS