Vulnerability Details CVE-2021-46079
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.086
EPSS Ranking 92.0%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
- https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Html-Injection
- https://www.plsanu.com/vehicle-service-management-system-multiple-file-upload-leads-to-html-injection
- https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Html-Injection
- https://www.plsanu.com/vehicle-service-management-system-multiple-file-upload-leads-to-html-injection
Products affected by CVE-2021-46079
-
cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*