CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2100 – SourceCodester Vehicle Service Management System index.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-2100
A vulnerability classified as problematic was found in SourceCodester Vehicle Service Management System 1.0. This vulnerability affects unknown code of the file /admin/report/index.php. The manipulation of the argument date_end leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Vehicle%20Service%20Management%20System/Vehicle%20Service%20Management%20System%20-%20vuln%209.pdf https://vuldb.com/?ctiid.226108 https://vuldb.com/?id.226108 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2098 – SourceCodester Vehicle Service Management System topBarNav.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-2098
A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /inc/topBarNav.php. The manipulation of the argument search leads to cross site scripting. The attack may be launched remotely. • https://github.com/E1CHO/cve_hub/blob/main/Vehicle%20Service%20Management%20System/Vehicle%20Service%20Management%20System%20-%20vuln%207.pdf https://vuldb.com/?ctiid.226106 https://vuldb.com/?id.226106 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •