Train Scheduler App Project

Train Scheduler App

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2022-43079

Exploit
  • EPSS 0.34%
  • Veröffentlicht 01.11.2022 14:15:14
  • Zuletzt bearbeitet 05.05.2025 16:15:21

A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Train Scheduler App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter.

9.1

CVE-2022-3774

Exploit
  • EPSS 0.5%
  • Veröffentlicht 31.10.2022 16:15:11
  • Zuletzt bearbeitet 21.11.2024 07:20:13

A vulnerability was found in SourceCodester Train Scheduler App 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /train_scheduler_app/?action=delete. The manipulation of the argument id leads to imprope...

5.4

CVE-2022-42992

Exploit
  • EPSS 0.39%
  • Veröffentlicht 27.10.2022 12:15:10
  • Zuletzt bearbeitet 07.05.2025 14:15:34

Multiple stored cross-site scripting (XSS) vulnerabilities in Train Scheduler App v1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Train Code, Train Name, and Destination text fields.