RSS   Vulnerabilities for
'Vehicle service management system'
   RSS

2022-01-06
 
CVE-2021-46076

CWE-434
 

 
Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution.

 
 
CVE-2021-46080

CWE-352
 

 
A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.

 
 
CVE-2021-46067

NVD-CWE-noinfo
 

 
In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.

 
 
CVE-2021-46068

CWE-79
 

 
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.

 
 
CVE-2021-46069

CWE-79
 

 
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.

 
 
CVE-2021-46070

CWE-79
 

 
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.

 
 
CVE-2021-46071

CWE-79
 

 
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.

 
 
CVE-2021-46072

CWE-79
 

 
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.

 
 
CVE-2021-46073

CWE-79
 

 
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.

 
 
CVE-2021-46074

CWE-79
 

 
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.

 


Copyright 2024, cxsecurity.com

 

Back to Top