Security Vulnerabilities - CVEs Published In January 2022
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability.
CVSS Score
4.8
EPSS Score
0.018
Published
2022-01-06
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.
CVSS Score
7.2
EPSS Score
0.086
Published
2022-01-06
A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel.
CVSS Score
5.4
EPSS Score
0.03
Published
2022-01-06
A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel.
CVSS Score
5.4
EPSS Score
0.027
Published
2022-01-06
In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.
CVSS Score
9.8
EPSS Score
0.141
Published
2022-01-06
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.
CVSS Score
4.8
EPSS Score
0.057
Published
2022-01-06
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.
CVSS Score
4.8
EPSS Score
0.057
Published
2022-01-06
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.
CVSS Score
4.8
EPSS Score
0.008
Published
2022-01-06
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.
CVSS Score
4.8
EPSS Score
0.057
Published
2022-01-06
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.
CVSS Score
4.8
EPSS Score
0.057
Published
2022-01-06