Page 3 of 16 results (0.005 seconds)

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. This vulnerability affects the function save_package of the file admin/packages/manag_package.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. • https://github.com/BFS-Lab/BFSDV/blob/main/Sourcecodester%20Online%20Catering%20Reservation%20System%20CSRF-2.md https://vuldb.com/?ctiid.274120 https://vuldb.com/?id.274120 https://vuldb.com/?submit.388766 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been classified as problematic. This affects the function save_users of the file admin/user/index.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. • https://github.com/BFS-Lab/BFSDV/blob/main/Sourcecodester%20Online%20Catering%20Reservation%20System%20CSRF-1.md https://vuldb.com/?ctiid.274119 https://vuldb.com/?id.274119 https://vuldb.com/?submit.388765 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Car Driving School Managment System v1.0 was discovered to contain a SQL injection vulnerability via /cdsms/classes/Master.php?f=delete_package. Se ha detectado que Car Driving School Managment System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio de /cdsms/classes/Master.php?f=delete_package • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/car-driving-school-management-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Car Driving School Management System v1.0 was discovered to contain a SQL injection vulnerability via /cdsms/classes/Master.php?f=delete_enrollment. Se ha detectado que Car Driving School Managment System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio de /cdsms/classes/Master.php?f=delete_enrollment • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/car-driving-school-management-system/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Car Driving School Management System v1.0 is affected by Cross Site Scripting (XSS) in the User Enrollment Form (Username Field). To exploit this Vulnerability, an admin views the registered user details. Car Driving School Management System versión v1.0, está afectado por una vulnerabilidad de tipo Cross Site Scripting (XSS) en el formulario de inscripción de usuarios (campo Username). Para explotar esta vulnerabilidad, un administrador visualiza los detalles del usuario registrado. • https://github.com/nsparker1337/OpenSource/blob/main/exploit_xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •