Skip to main content

Train Scheduler App

3 CVEs product

Monthly

CVE-2022-43079 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Train Scheduler App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Train Scheduler App
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-3774 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Train Scheduler App 1.0 and classified as critical. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Train Scheduler App
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
1.1%
CVE-2022-42992 MEDIUM POC This Month

Multiple stored cross-site scripting (XSS) vulnerabilities in Train Scheduler App v1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Train Code,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Train Scheduler App
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.6%
EPSS 0% CVSS 6.1
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Train Scheduler App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Train Scheduler App
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL POC Act Now

A vulnerability was found in SourceCodester Train Scheduler App 1.0 and classified as critical. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Train Scheduler App
NVD GitHub VulDB
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Multiple stored cross-site scripting (XSS) vulnerabilities in Train Scheduler App v1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Train Code,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Train Scheduler App
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy