Vehicle Management Project Vehicle Management vulnerabilities

CVE-2024-9087 [MEDIUM] CWE-89 CVE-2024-9087: A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0 A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. This affects an unknown part of the file /edit1.php. The manipulation of the argument sno leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2023-42253 [MEDIUM] CWE-79 CVE-2023-42253: Code-Projects Vehicle Management 1.0 is vulnerable to Cross Site Scripting (XSS) in Add Accounts via Code-Projects Vehicle Management 1.0 is vulnerable to Cross Site Scripting (XSS) in Add Accounts via Invoice No, To, and Mammul.