Janobe

Vehicle Management System

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-2377

Exploit
  • EPSS 0.09%
  • Veröffentlicht 17.03.2025 12:31:04
  • Zuletzt bearbeitet 14.05.2025 21:18:03

A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /confirmbooking.php. The manipulation of the argument id leads to cross site scr...

5.4

CVE-2024-48246

Exploit
  • EPSS 0.19%
  • Veröffentlicht 05.03.2025 19:15:37
  • Zuletzt bearbeitet 31.12.2025 01:13:36

Vehicle Management System 1.0 contains a Stored Cross-Site Scripting (XSS) vulnerability in the "Name" parameter of /vehicle-management/booking.php.

7.2

CVE-2024-48245

  • EPSS 3.38%
  • Veröffentlicht 07.01.2025 16:15:34
  • Zuletzt bearbeitet 14.05.2025 16:06:12

Vehicle Management System 1.0 is vulnerable to SQL Injection. A guest user can exploit vulnerable POST parameters in various administrative actions, such as booking a vehicle or confirming a booking. The affected parameters include "Booking ID", "Act...