cbcvebase.

Codeastro Online Railway Reservation System vulnerabilities

5 known vulnerabilities affecting codeastro/online_railway_reservation_system.

Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2024-7910P3HIGHCVSS 7.2v1.02024-08-18
CVE-2024-7910 [HIGH] CWE-434 CVE-2024-7910: A vulnerability was found in CodeAstro Online Railway Reservation System 1.0 and classified as criti A vulnerability was found in CodeAstro Online Railway Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/emp-profile-avatar.php of the component Profile Photo Update Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been dis
nvd
CVE-2024-7815P4MEDIUMCVSS 4.8PoCv1.02024-08-15
CVE-2024-7815 [MEDIUM] CWE-79 CVE-2024-7815: A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-update-employee.php of the component Update Employee Page. The manipulation of the argument emp_fname /emp_lname /emp_nat_idno/emp_addr leads to cross site sc
nvd
CVE-2024-7912P4MEDIUMCVSS 5.3v1.02024-08-18
CVE-2024-7912 [MEDIUM] CWE-548 CVE-2024-7912: A vulnerability was found in CodeAstro Online Railway Reservation System 1.0. It has been declared a A vulnerability was found in CodeAstro Online Railway Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/assets/. The manipulation leads to exposure of information through directory listing. The attack can be initiated remotely. The exploit has been disclosed to the public and may be
nvd
CVE-2024-0782P4MEDIUMCVSS 6.1v1.02024-01-22
CVE-2024-0782 [MEDIUM] CWE-79 CVE-2024-0782: A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file pass-profile.php. The manipulation of the argument First Name/Last Name/User Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the p
nvd
CVE-2024-7814P4MEDIUMCVSS 4.8v1.02024-08-15
CVE-2024-7814 [MEDIUM] CWE-79 CVE-2024-7814: A vulnerability, which was classified as problematic, was found in CodeAstro Online Railway Reservat A vulnerability, which was classified as problematic, was found in CodeAstro Online Railway Reservation System 1.0. Affected is an unknown function of the file /admin/admin-add-employee.php of the component Add Employee Page. The manipulation of the argument emp_fname /emp_lname /emp_nat_idno/emp_addr leads to cross site scripting. It is possible to la
nvd
Codeastro Online Railway Reservation System vulnerabilities | cvebase