Show filters
21 Total Results
Displaying 11-20 of 21
Sort by:
Attacker Value
Unknown

CVE-2021-46074

Disclosure Date: January 06, 2022 (last updated February 23, 2025)
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-46073

Disclosure Date: January 06, 2022 (last updated February 23, 2025)
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-46072

Disclosure Date: January 06, 2022 (last updated February 23, 2025)
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-46071

Disclosure Date: January 06, 2022 (last updated February 23, 2025)
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-46070

Disclosure Date: January 06, 2022 (last updated February 23, 2025)
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-46069

Disclosure Date: January 06, 2022 (last updated February 23, 2025)
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-46068

Disclosure Date: January 06, 2022 (last updated February 23, 2025)
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-46067

Disclosure Date: January 06, 2022 (last updated October 07, 2023)
In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-46080

Disclosure Date: January 06, 2022 (last updated February 23, 2025)
A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-46076

Disclosure Date: January 06, 2022 (last updated February 23, 2025)
Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
View More Topics  < Previous  Next >