plsanu

15 exploits Active since Jan 2022
CVE-2021-46072 NOMISEC MEDIUM WORKING POC
Vehicle Service Management System 1.0 - XSS
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.
1 stars
CVSS 4.8
CVE-2021-46080 NOMISEC MEDIUM WRITEUP
Vehicle Service Management System 1.0 - CSRF
A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.
CVSS 4.8
CVE-2021-46074 NOMISEC MEDIUM WRITEUP
Sourcecodester Vehicle Service Mgmt 1.0 - XSS
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.
CVSS 4.8
CVE-2021-46075 NOMISEC HIGH WRITEUP
Sourcecodester Vehicle Service Mgmt 1.0 - Privilege Escalation
A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.
CVSS 7.2
CVE-2021-46076 NOMISEC HIGH WORKING POC
Sourcecodester Vehicle Service Management System 1.0 - Code Injection
Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution.
CVSS 8.8
CVE-2021-46078 NOMISEC MEDIUM WORKING POC
Sourcecodester Vehicle Service Mgmt 1.0 - XSS
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability.
CVSS 4.8
CVE-2021-46079 NOMISEC HIGH WRITEUP
Sourcecodester Vehicle Service Mgmt 1.0 - File Upload
An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.
CVSS 7.2
CVE-2021-45745 NOMISEC MEDIUM WRITEUP
Bludit 3.13.1 - XSS
A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel.
CVSS 5.4
CVE-2021-46073 NOMISEC MEDIUM WRITEUP
Sourcecodester Vehicle Service Mgmt 1.0 - XSS
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.
CVSS 4.8
CVE-2021-45744 NOMISEC MEDIUM WRITEUP
bludit 3.13.1 - XSS
A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel.
CVSS 5.4
CVE-2021-46067 NOMISEC CRITICAL WORKING POC
In Vehicle Service Management System 1.0 - Info Disclosure
In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.
CVSS 9.8
CVE-2021-46068 NOMISEC MEDIUM WORKING POC
Vehicle Service Management System 1.0 - XSS
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.
CVSS 4.8
CVE-2021-46069 NOMISEC MEDIUM WORKING POC
Vehicle Service Management System 1.0 - XSS
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.
CVSS 4.8
CVE-2021-46070 NOMISEC MEDIUM WRITEUP
Vehicle Service Management System 1.0 - XSS
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.
CVSS 4.8
CVE-2021-46071 NOMISEC MEDIUM WORKING POC
Vehicle Service Management System 1.0 - XSS
A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.
CVSS 4.8