Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Vehicle Service Management System Project Subscribe
Filtered by product Vehicle Service Management System

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 14 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-46075 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-07-12 6.5 MEDIUM 7.2 HIGH
A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.
CVE-2021-46080 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-13 3.5 LOW 4.8 MEDIUM
A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.
CVE-2021-46078 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-13 3.5 LOW 4.8 MEDIUM
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability.
CVE-2021-46067 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-13 7.5 HIGH 9.8 CRITICAL
In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.
CVE-2021-46076 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-12 6.5 MEDIUM 8.8 HIGH
Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution.
CVE-2021-46079 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-12 6.5 MEDIUM 7.2 HIGH
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.
CVE-2021-46074 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-11 3.5 LOW 4.8 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.
CVE-2021-46073 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-11 3.5 LOW 4.8 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.
CVE-2021-46071 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-10 3.5 LOW 4.8 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.
CVE-2021-46072 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-07 3.5 LOW 4.8 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.
CVE-2021-46070 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-07 3.5 LOW 4.8 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.
CVE-2021-46069 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-07 3.5 LOW 4.8 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.
CVE-2021-46068 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2022-01-07 3.5 LOW 4.8 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.
CVE-2021-41962 1 Vehicle Service Management System Project 1 Vehicle Service Management System 2021-12-20 3.5 LOW 4.8 MEDIUM
Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Owner fullname parameter in a Send Service Request in vehicle_service.