CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2095 – SourceCodester Vehicle Service Management System manage_category.php sql injection
https://notcve.org/view.php?id=CVE-2023-2095
A vulnerability was found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/maintenance/manage_category.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Vehicle%20Service%20Management%20System/Vehicle%20Service%20Management%20System%20-%20vuln%204.pdf https://vuldb.com/?ctiid.226103 https://vuldb.com/?id.226103 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2094 – SourceCodester Vehicle Service Management System manage_mechanic.php sql injection
https://notcve.org/view.php?id=CVE-2023-2094
A vulnerability has been found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/mechanics/manage_mechanic.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Vehicle%20Service%20Management%20System/Vehicle%20Service%20Management%20System%20-%20vuln%203.pdf https://vuldb.com/?ctiid.226102 https://vuldb.com/?id.226102 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2093 – SourceCodester Vehicle Service Management System Login.php sql injection
https://notcve.org/view.php?id=CVE-2023-2093
A vulnerability, which was classified as critical, was found in SourceCodester Vehicle Service Management System 1.0. This affects an unknown part of the file /classes/Login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Vehicle%20Service%20Management%20System/Vehicle%20Service%20Management%20System%20-%20vuln%202.pdf https://vuldb.com/?ctiid.226101 https://vuldb.com/?id.226101 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2092 – SourceCodester Vehicle Service Management System view_service.php sql injection
https://notcve.org/view.php?id=CVE-2023-2092
A vulnerability, which was classified as critical, has been found in SourceCodester Vehicle Service Management System 1.0. Affected by this issue is some unknown functionality of the file view_service.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Vehicle%20Service%20Management%20System/Vehicle%20Service%20Management%20System%20-%20vuln%201.pdf https://vuldb.com/?ctiid.226100 https://vuldb.com/?id.226100 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 3CVE-2021-46076
https://notcve.org/view.php?id=CVE-2021-46076
Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution. Sourcecodester Vehicle Service Management System versión 1.0, es vulnerable a una carga de archivos. Un atacante puede cargar un archivo php malicioso en múltiples endpoints que conllevan a una ejecución de código. • https://github.com/plsanu/CVE-2021-46076 https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Code-Execution https://www.plsanu.com/vehicle-service-management-system-multiple-file-upload-leads-to-code-execution • CWE-434: Unrestricted Upload of File with Dangerous Type •