Vulnerabilities > Automotive Shop Management System Project > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-17 | CVE-2022-44402 | SQL Injection vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_transaction. | 7.2 |
2022-11-17 | CVE-2022-44403 | SQL Injection vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=user/manage_user&id=. | 7.2 |
2022-05-26 | CVE-2022-30495 | Authorization Bypass Through User-Controlled Key vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 In oretnom23 Automotive Shop Management System v1.0, the name id parameter is vulnerable to IDOR - Broken Access Control allowing attackers to change the admin password(vertical privilege escalation) | 7.5 |