Vehicle Service Management System@* Security Vulnerabilities and Issues — Vehicle Service Management System@* CVE List

Lucene search

Vehicle Service Management System ProjectVehicle Service Management System*

12 matches found

CVE•added 2022/01/06 4:15 p.m.•45 views

CVE-2021-46073

A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.

4.8CVSS4.8AI score0.0426EPSS

CVE•added 2022/01/06 4:15 p.m.•43 views

CVE-2021-46072

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.

4.8CVSS4.8AI score0.0426EPSS

CVE•added 2022/01/06 4:15 p.m.•42 views

CVE-2021-46075

A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.

7.2CVSS6.9AI score0.01579EPSS

CVE•added 2022/01/06 4:15 p.m.•41 views

CVE-2021-46068

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.

4.8CVSS4.8AI score0.0426EPSS

CVE•added 2022/01/06 4:15 p.m.•41 views

CVE-2021-46071

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.

4.8CVSS4.8AI score0.0426EPSS

CVE•added 2022/01/06 4:15 p.m.•41 views

CVE-2021-46078

An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability.

4.8CVSS4.9AI score0.01765EPSS

CVE•added 2022/01/06 4:15 p.m.•40 views

CVE-2021-46069

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.

4.8CVSS4.8AI score0.0426EPSS

CVE•added 2022/01/06 4:15 p.m.•39 views

CVE-2021-46074

A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.

4.8CVSS4.8AI score0.00598EPSS

CVE•added 2022/01/06 4:15 p.m.•37 views

CVE-2021-46079

An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.

7.2CVSS6.9AI score0.08626EPSS

CVE•added 2022/01/06 4:15 p.m.•35 views

CVE-2021-46067

In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.

9.8CVSS9.3AI score0.14113EPSS

CVE•added 2022/01/06 3:15 p.m.•34 views

CVE-2021-46080

A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.

4.8CVSS5.1AI score0.00281EPSS

CVE•added 2022/01/06 4:15 p.m.•32 views

CVE-2021-46070

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.

4.8CVSS4.8AI score0.00752EPSS