Vulnerabilities > Phpgurukul > BUS Pass Management System > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-30 | CVE-2022-35155 | Cross-site Scripting vulnerability in PHPgurukul BUS Pass Management System 1.0 Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata parameter. | 6.1 |
| 2022-05-11 | CVE-2022-29008 | Authorization Bypass Through User-Controlled Key vulnerability in PHPgurukul BUS Pass Management System 1.0 An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. | 6.5 |
| 2021-12-16 | CVE-2021-44317 | Cross-site Scripting vulnerability in PHPgurukul BUS Pass Management System 1.0 In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability. | 5.4 |