5 matches found
CVE-2022-30053
CVE-2022-30053 affects Toll Tax Management System version 1.0, where the vulnerable component is the unparameterized id parameter in SQL queries, enabling SQL injection. The connected documents consistently describe this vulnerability across multiple sources, but none provide concrete exploit cod...
CVE-2022-30837
CVE-2022-30837 affects Toll-tax-management-system v1.0. The vulnerability is a Cross Site Scripting (XSS) flaw in the API endpoint /ttms/classes/Master.php with the f parameter set to save_recipient and the vehicle_name field. Root cause is input handling in that endpoint allowing injection of sc...
CVE-2024-51032
CVE-2024-51032 affects Sourcecodester Toll Tax Management System 1.0. The vulnerability is a Cross-site Scripting (XSS) in the file manage_recipient.php, exploitable by remote authenticated users via the owner input field. According to the sources, the impact is XSS with potential script injectio...
CVE-2023-44047
CVE-2023-44047 affects Sourcecodester Toll Tax Management System v1. The root cause is SQL Injection in the application (SQLi). CVSS v3.1: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H; base score 7.2 (HIGH). Exploitation would be via network access without user interaction, but the details of exploit patt...
CVE-2023-36158
CVE-2023-36158 is an XSS vulnerability in sourcecodester Toll Tax Management System 1.0, exploitable via the First Name and Last Name fields on the My Account page. The linked sources consistently describe arbitrary code execution through user input, with no public exploit details provided in the...