Service Provider Management System
Products
1- 6 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-43457 | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2023 | An issue in Service Provider Management System v.1.0 allows a remote attacker to gain privileges via the ID parameter in the /php-spms/admin/?page=user/ endpoint. | ||
| CVE-2023-43456 | Med | 0.35 | 5.4 | 0.01 | Sep 25, 2023 | Cross Site Scripting vulnerability in Service Provider Management System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the firstname, middlename and lastname parameters in the /php-spms/admin/?page=user endpoint. | ||
| CVE-2021-46072 | Med | 0.31 | 4.8 | 0.03 | Jan 6, 2022 | A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. | ||
| CVE-2021-46071 | Med | 0.31 | 4.8 | 0.03 | Jan 6, 2022 | A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. | ||
| CVE-2021-46070 | Med | 0.31 | 4.8 | 0.01 | Jan 6, 2022 | A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel. | ||
| CVE-2021-46069 | Med | 0.31 | 4.8 | 0.03 | Jan 6, 2022 | A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel. |
- risk 0.64cvss 9.8epss 0.01
An issue in Service Provider Management System v.1.0 allows a remote attacker to gain privileges via the ID parameter in the /php-spms/admin/?page=user/ endpoint.
- risk 0.35cvss 5.4epss 0.01
Cross Site Scripting vulnerability in Service Provider Management System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the firstname, middlename and lastname parameters in the /php-spms/admin/?page=user endpoint.
- risk 0.31cvss 4.8epss 0.03
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.
- risk 0.31cvss 4.8epss 0.03
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.
- risk 0.31cvss 4.8epss 0.01
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.
- risk 0.31cvss 4.8epss 0.03
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.