Sourcecodester Online Railway Reservation System vulnerabilities

5 known vulnerabilities affecting sourcecodester/online_railway_reservation_system.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2024-9321MEDIUMCVSS 6.9v1.02024-09-29
CVE-2024-9321 [MEDIUM] CWE-284 CVE-2024-9321: A vulnerability was found in SourceCodester Online Railway Reservation System 1.0 and classified as A vulnerability was found in SourceCodester Online Railway Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/inquiries/view_details.php. The manipulation of the argument id leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public
cvelistv5nvd
CVE-2024-9299MEDIUMCVSS 5.3v1.02024-09-28
CVE-2024-9299 [MEDIUM] CWE-79 CVE-2024-9299: A vulnerability classified as problematic has been found in SourceCodester Online Railway Reservatio A vulnerability classified as problematic has been found in SourceCodester Online Railway Reservation System 1.0. This affects an unknown part of the file /?page=reserve. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the
cvelistv5nvd
CVE-2024-9298MEDIUMCVSS 5.3v1.02024-09-28
CVE-2024-9298 [MEDIUM] CWE-284 CVE-2024-9298: A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been rated A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /?page=tickets of the component Ticket Handler. The manipulation of the argument id leads to improper access controls. The attack may be launched remotely. The exploit has
cvelistv5nvd
CVE-2024-9297MEDIUMCVSS 5.3v1.02024-09-28
CVE-2024-9297 [MEDIUM] CWE-285 CVE-2024-9297: A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been decla A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument page with the input trains/schedules/system_info leads to improper authorization. The attack can be launched remotely. The
cvelistv5nvd
CVE-2024-9300MEDIUMCVSS 6.9v1.02024-09-28
CVE-2024-9300 [MEDIUM] CWE-79 CVE-2024-9300: A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation Sys A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation System 1.0. This vulnerability affects unknown code of the file contact_us.php of the component Message Us Form. The manipulation of the argument fullname/email/message leads to cross site scripting. The attack can be initiated remotely. The exploit has bee
cvelistv5nvd