Filtered by vendor Janobe
Subscriptions
Filtered by product Vehicle Management System
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-2377 | 1 Janobe | 1 Vehicle Management System | 2025-05-14 | 3.5 Low |
| A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /confirmbooking.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions contradicting product names. | ||||
| CVE-2024-48245 | 1 Janobe | 1 Vehicle Management System | 2025-05-14 | 7.2 High |
| Vehicle Management System 1.0 is vulnerable to SQL Injection. A guest user can exploit vulnerable POST parameters in various administrative actions, such as booking a vehicle or confirming a booking. The affected parameters include "Booking ID", "Action Name", and "Payment Confirmation ID", which are present in /newvehicle.php and /newdriver.php. | ||||
Page 1 of 1.