Vulnerability Details CVE-2021-44315
In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/blob/master/Directory%20listing/Report_Directory%20listing.pdf
- https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/tree/master/Directory%20listing
- https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/blob/master/Directory%20listing/Report_Directory%20listing.pdf
- https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/tree/master/Directory%20listing
Products affected by CVE-2021-44315
-
cpe:2.3:a:phpgurukul:bus_pass_management_system:1.0