Vehicle Management System
by Admerc
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-2867 | Hig | 0.47 | 7.3 | 0.00 | Feb 21, 2026 | A vulnerability was determined in itsourcecode Vehicle Management System 1.0. Affected is an unknown function of the file /billaction.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been publicly… | ||
| CVE-2021-46076 | 0.01 | — | 0.03 | Jan 6, 2022 | Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution. | |||
| CVE-2023-2099 | 0.00 | — | 0.01 | Apr 15, 2023 | A vulnerability classified as problematic has been found in SourceCodester Vehicle Service Management System 1.0. This affects an unknown part of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack… | |||
| CVE-2023-2097 | 0.00 | — | 0.01 | Apr 15, 2023 | A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack… | |||
| CVE-2023-2094 | 0.00 | — | 0.01 | Apr 15, 2023 | A vulnerability has been found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/mechanics/manage_mechanic.php. The manipulation of the argument id leads to sql injection. The attack can… | |||
| CVE-2021-46078 | 0.00 | — | 0.01 | Jan 6, 2022 | An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability. | |||
| CVE-2021-46073 | 0.00 | — | 0.03 | Jan 6, 2022 | A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. | |||
| CVE-2021-46074 | 0.00 | — | 0.01 | Jan 6, 2022 | A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel. | |||
| CVE-2021-46075 | 0.00 | — | 0.03 | Jan 6, 2022 | A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations. | |||
| CVE-2021-46080 | 0.00 | — | 0.01 | Jan 6, 2022 | A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability. |
- risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in itsourcecode Vehicle Management System 1.0. Affected is an unknown function of the file /billaction.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been publicly…
- CVE-2021-46076Jan 6, 2022risk 0.01cvss —epss 0.03
Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution.
- CVE-2023-2099Apr 15, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in SourceCodester Vehicle Service Management System 1.0. This affects an unknown part of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack…
- CVE-2023-2097Apr 15, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack…
- CVE-2023-2094Apr 15, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/mechanics/manage_mechanic.php. The manipulation of the argument id leads to sql injection. The attack can…
- CVE-2021-46078Jan 6, 2022risk 0.00cvss —epss 0.01
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability.
- CVE-2021-46073Jan 6, 2022risk 0.00cvss —epss 0.03
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.
- CVE-2021-46074Jan 6, 2022risk 0.00cvss —epss 0.01
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.
- CVE-2021-46075Jan 6, 2022risk 0.00cvss —epss 0.03
A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.
- CVE-2021-46080Jan 6, 2022risk 0.00cvss —epss 0.01
A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.