CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-1000474

Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is vulnerable to multiple SQL Injecting in login/vehicle.php, login/profile.php, login/Actions.php, login/manage_employee.php, and login/sell.php scripts resulting in the expose of user's login credentials, SQL Injection and Stored XSS vulnerability, which leads to remote code executing.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.027

EPSS Ranking 85.3%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://singsip.wixsite.com/singsip/vuln
https://www.exploit-db.com/exploits/44318/
http://singsip.wixsite.com/singsip/vuln
https://www.exploit-db.com/exploits/44318/

Products affected by CVE-2017-1000474

Vehicle Sales Management System Project » Vehicle Sales Management System » Version: 2017-07-30

cpe:2.3:a:vehicle_sales_management_system_project:vehicle_sales_management_system:2017-07-30

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-1000474

Products

Pricing

Contact Us