Filtered by vendor Phpgurukul
Subscriptions
Filtered by product Bus Pass Management System
Subscriptions
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-44315 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-08-04 | 7.5 High |
| In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server. | ||||
| CVE-2021-44317 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-08-04 | 5.4 Medium |
| In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability. | ||||
| CVE-2022-36198 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-08-03 | 9.8 Critical |
| Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-detail.php, and buspassms/admin/edit-pass-detail.php | ||||
| CVE-2022-35156 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-08-03 | 9.8 Critical |
| Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php.. | ||||
| CVE-2022-35155 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-08-03 | 6.1 Medium |
| Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata parameter. | ||||
| CVE-2022-29008 | 1 Phpgurukul | 1 Bus Pass Management System | 2024-08-03 | 6.5 Medium |
| An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. | ||||
Page 1 of 1.