Bus Ticket Reservation System
Monthly
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A Reflected Cross Site Scripting (XSS) vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A Reflected Cross Site Scripting (XSS) vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.