Vulnerabilities > Automotive Shop Management System Project > Automotive Shop Management System > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-17	CVE-2022-44402	SQL Injection vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_transaction. network low complexity automotive-shop-management-system-project CWE-89	7.2
2022-11-17	CVE-2022-44403	SQL Injection vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=user/manage_user&id=. network low complexity automotive-shop-management-system-project CWE-89	7.2
2022-05-26	CVE-2022-30495	Authorization Bypass Through User-Controlled Key vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 In oretnom23 Automotive Shop Management System v1.0, the name id parameter is vulnerable to IDOR - Broken Access Control allowing attackers to change the admin password(vertical privilege escalation) network low complexity automotive-shop-management-system-project CWE-639	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.