Show filters
23 Total Results
Displaying 21-23 of 23
Sort by:
Attacker Value
Unknown

CVE-2021-46080

Disclosure Date: January 06, 2022 (last updated February 23, 2025)
A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-46076

Disclosure Date: January 06, 2022 (last updated February 23, 2025)
Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-41962

Disclosure Date: December 16, 2021 (last updated February 23, 2025)
Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Owner fullname parameter in a Send Service Request in vehicle_service.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
View More Topics  < Previous