abhiunix/Bus-Pass-Management-System-v1.0-CVEs

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-44315 ↗	Dec 16, 2021Thursday, 16 December 2021, 19:15	7.5 HIGH	5 MEDIUM
In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.
CVE-2021-44317 ↗	Dec 16, 2021Thursday, 16 December 2021, 19:15	5.4 MEDIUM	3.5 LOW
In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability.