Bus Ticket Reservation System

bus_ticket_reservation_system

Vendor: Kjayvik • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-42766 1Kjayvik 1Bus Ticket Reservation System Aug 26, 2024 Aug 23, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php.
CVE-2024-42765 1Kjayvik 1Bus Ticket Reservation System May 6, 2025 Aug 23, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parame...Show more A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters.Show less
CVE-2024-42764 1Kjayvik 1Bus Ticket Reservation System May 6, 2025 Aug 23, 2024 N/A· v4 9.4 CRITICAL· v3 N/A· v2 Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php.
CVE-2024-42763 1Kjayvik 1Bus Ticket Reservation System May 6, 2025 Aug 22, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A Reflected Cross Site Scripting (XSS) vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate...Show more A Reflected Cross Site Scripting (XSS) vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate" parameter.Show less
CVE-2024-42762 1Kjayvik 1Bus Ticket Reservation System May 6, 2025 Aug 22, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parame...Show more A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields.Show less
CVE-2024-42761 1Kjayvik 1Bus Ticket Reservation System May 6, 2025 Aug 22, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parame...Show more A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parameter.Show less