RSS   Vulnerabilities for 'Bus pass management system'   RSS

2022-05-11
 
CVE-2022-29008

CWE-639
 

 
An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information.

 
2021-12-16
 
CVE-2021-44315

CWE-552
 

 
In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.

 
 
CVE-2021-44317

CWE-79
 

 
In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability.

 


Copyright 2024, cxsecurity.com

 

Back to Top