Skip to main content

Park Ticketing System

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-15214 LOW POC Monitor

Stored cross-site scripting (XSS) in Campcodes Park Ticketing System 1.0 allows high-privileged users to inject malicious scripts via the name/ride parameter in the save_pricing function of admin_class.php, affecting user sessions with user interaction. Publicly available exploit code exists, though EPSS scoring (0.02%) and high privilege requirement (PR:H) suggest limited real-world exploitation likelihood despite the low CVSS score of 1.9.

PHP XSS Park Ticketing System
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-15214
EPSS 0% CVSS 1.9
LOW POC Monitor

Stored cross-site scripting (XSS) in Campcodes Park Ticketing System 1.0 allows high-privileged users to inject malicious scripts via the name/ride parameter in the save_pricing function of admin_class.php, affecting user sessions with user interaction. Publicly available exploit code exists, though EPSS scoring (0.02%) and high privilege requirement (PR:H) suggest limited real-world exploitation likelihood despite the low CVSS score of 1.9.

PHP XSS Park Ticketing System
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy