CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51328
https://notcve.org/view.php?id=CVE-2024-51328
04 Nov 2024 — Cross Site Scripting vulnerability in addcategory.php in projectworld's Travel Management System v1.0 allows remote attacker to inject arbitrary code via the t2 parameter. • https://github.com/redtrib3/CVEs/tree/main/CVE-2024-51328%20-%20Stored%20XSS%20 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39054 – COWELL INFORMATION SYSTEM CO., LTD. enterprise travel management system - Reflected XSS
https://notcve.org/view.php?id=CVE-2022-39054
28 Sep 2022 — Cowell enterprise travel management system has insufficient filtering for special characters within web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS (Reflected Cross-Site Scripting) attack. Cowell enterprise travel management system no presenta un filtrado suficiente para los caracteres especiales dentro de la URL de la web. Un atacante remoto no autenticado puede inyectar JavaScript y llevar a cabo un ataque de tipo XSS (Cross-Site Scripting Reflejado) • https://www.twcert.org.tw/tw/cp-132-6524-74530-1.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30838
https://notcve.org/view.php?id=CVE-2022-30838
24 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=update_application_status Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de /ctpms/classes/Master.php?f=update_application_status • https://github.com/mikeccltt/bug_report_CVE/blob/main/Covid-19-Travel-Pass-Management-System/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30842
https://notcve.org/view.php?id=CVE-2022-30842
24 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ctpms/classes/Users.php?f=save, firstname. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a un ataque de tipo Cross Site Scripting (XSS) por medio de /ctpms/classes/Users.php?f=save, firstname • https://github.com/mikeccltt/bug_report_CVE/blob/main/Covid-19-Travel-Pass-Management-System/xss.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30411
https://notcve.org/view.php?id=CVE-2022-30411
13 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de /ctpms/admin/?page=individuals/view_individual&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30412
https://notcve.org/view.php?id=CVE-2022-30412
13 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de /ctpms/admin/individuals/update_status.php?id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-3.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30413
https://notcve.org/view.php?id=CVE-2022-30413
13 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=delete_application. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de /ctpms/classes/Master.php?f=delete_application • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30414
https://notcve.org/view.php?id=CVE-2022-30414
13 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de /ctpms/admin/?page=applications/view_application&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-4.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30415
https://notcve.org/view.php?id=CVE-2022-30415
13 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de /ctpms/admin/applications/update_status.php?id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-5.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30417
https://notcve.org/view.php?id=CVE-2022-30417
13 May 2022 — Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=. Covid-19 Travel Pass Management System versión v1.0, es vulnerable a una inyección SQL por medio de ctpms/admin/?page=user/manage_user&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-6.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •