Kashipara - Bus Ticket Reservation System CVE - OpenCVE

Filtered by vendor Kashipara Subscriptions

Filtered by product Bus Ticket Reservation System Subscriptions

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-42766	2 Kashipara, Kjayvik	2 Bus Ticket Reservation System, Bus Ticket Reservation System	2024-08-26	5.4 Medium
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php.
CVE-2024-42763	1 Kashipara	1 Bus Ticket Reservation System	2024-08-23	5.4 Medium
A Reflected Cross Site Scripting (XSS) vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate" parameter.
CVE-2024-42765	1 Kashipara	1 Bus Ticket Reservation System	2024-08-23	9.8 Critical
A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters.
CVE-2024-42761	1 Kashipara	1 Bus Ticket Reservation System	2024-08-23	6.1 Medium
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parameter.
CVE-2024-42762	1 Kashipara	1 Bus Ticket Reservation System	2024-08-23	5.4 Medium
A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields.
CVE-2024-42764	1 Kashipara	1 Bus Ticket Reservation System	2024-08-23	9.4 Critical
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php.

Page 1 of 1.