CVE-2024-42764
- EPSS 0.13%
- Veröffentlicht 23.08.2024 15:15:16
- Zuletzt bearbeitet 06.05.2025 13:48:38
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php.
CVE-2024-42765
- EPSS 0.04%
- Veröffentlicht 23.08.2024 15:15:16
- Zuletzt bearbeitet 06.05.2025 13:48:46
A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters.
CVE-2024-42766
- EPSS 0.07%
- Veröffentlicht 23.08.2024 15:15:16
- Zuletzt bearbeitet 26.08.2024 17:35:08
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php.
CVE-2024-42761
- EPSS 0.37%
- Veröffentlicht 22.08.2024 21:15:17
- Zuletzt bearbeitet 06.05.2025 13:48:01
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parameter.
CVE-2024-42762
- EPSS 0.34%
- Veröffentlicht 22.08.2024 21:15:17
- Zuletzt bearbeitet 06.05.2025 13:48:28
A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields.
CVE-2024-42763
- EPSS 0.34%
- Veröffentlicht 22.08.2024 21:15:17
- Zuletzt bearbeitet 06.05.2025 13:48:19
A Reflected Cross Site Scripting (XSS) vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate" parameter.