Bus Pass Management System

bus_pass_management_system

Vendor: Phpgurukul • 7 CVEs

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-3146 1Phpgurukul 1Bus Pass Management System Nov 11, 2025 Apr 3, 2025 6.9 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability, which was classified as critical, was found in PHPGurukul Bus Pass Management System 1.0. This affects an unknown part of the file /view-pass-detail.php. The manipulation of the argument viewid leads to...Show more A vulnerability, which was classified as critical, was found in PHPGurukul Bus Pass Management System 1.0. This affects an unknown part of the file /view-pass-detail.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2022-35156 1Phpgurukul 1Bus Pass Management System Nov 12, 2025 Sep 30, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php..
CVE-2022-35155 1Phpgurukul 1Bus Pass Management System Nov 12, 2025 Sep 30, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata parameter.
CVE-2022-36198 1Phpgurukul 1Bus Pass Management System Nov 21, 2024 Aug 22, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php,...Show more Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-detail.php, and buspassms/admin/edit-pass-detail.phpShow less
CVE-2022-29008 1Phpgurukul 1Bus Pass Management System Nov 21, 2024 May 11, 2022 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information.
CVE-2021-44317 1Phpgurukul 1Bus Pass Management System Nov 21, 2024 Dec 16, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability.
CVE-2021-44315 1Phpgurukul 1Bus Pass Management System Nov 21, 2024 Dec 16, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive informat...Show more In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.Show less