Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
online bus booking system project online bus booking system 1.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-25889
Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL injection via the login page. By placing SQL injection payload on the login page attackers can bypass the authentication and can gain the admin privilege.
Online Bus Booking System Project Online Bus Booking System 1.0
6.1
CVSSv3
CVE-2020-25272
In SourceCodester Online Bus Booking System 1.0, there is XSS through the name parameter in book_now.php.
Online Bus Booking System Project Online Bus Booking System 1.0
1 Github repository
9.8
CVSSv3
CVE-2020-25273
In SourceCodester Online Bus Booking System 1.0, there is Authentication bypass on the Admin Login screen in admin.php via username or password SQL injection.
Online Bus Booking System Project Online Bus Booking System 1.0
1 Github repository
9.8
CVSSv3
CVE-2023-45012
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'user_email' parameter of the bus_info.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Bus Booking System Project Online Bus Booking System 1.0
9.8
CVSSv3
CVE-2023-45015
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'date' parameter of the bus_info.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Bus Booking System Project Online Bus Booking System 1.0
9.8
CVSSv3
CVE-2023-45018
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the includes/login.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Bus Booking System Project Online Bus Booking System 1.0
9.8
CVSSv3
CVE-2023-45019
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'category' parameter of the category.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Bus Booking System Project Online Bus Booking System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started