CVE-2021-46078Unrestricted File Upload in Service Management System Project Vehicle Service Management System

CWE-434Unrestricted File Upload3 documents3 sources
Severity
4.8MEDIUMNVD
EPSS
1.8%
top 17.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Vehicle Service Management System Project Vehicle Service Management System
Timeline
PublishedJan 6
Latest updateJan 7

Description

An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:NExploitability: 1.7 | Impact: 2.7

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-9pc4-3p8j-xq5v: An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 12022-01-07
CVEList
CVE-2021-46078: An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 12022-01-06
CVE-2021-46078 — Unrestricted File Upload | cvebase