RSS   Vulnerabilities for 'Bus booking script'   RSS

2017-12-21
 
CVE-2017-17830

CWE-352
 
 
Bus Booking Script has CSRF via admin/new_master.php.

 
 
CVE-2017-17829

CWE-89
 
 
Bus Booking Script has SQL Injection via the admin/view_seatseller.php sp_id parameter or the admin/view_member.php memid parameter.

 
 
CVE-2017-17828

CWE-79
 
 
Bus Booking Script has XSS via the results.php datepicker parameter or the admin/new_master.php spemail parameter.

 

Copyright 2024, cxsecurity.com

 

Back to Top