← Back

Kjayvik

kjayvik

6 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Bus Ticket Reservation System
bus_ticket_reservation_system
6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-42766
1Kjayvik
1Bus Ticket Reservation System
Aug 26, 2024
Aug 23, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php.
CVE-2024-42765
1Kjayvik
1Bus Ticket Reservation System
May 6, 2025
Aug 23, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parame...Show more
A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters.Show less
CVE-2024-42764
1Kjayvik
1Bus Ticket Reservation System
May 6, 2025
Aug 23, 2024
N/A· v4
9.4 CRITICAL· v3
N/A· v2
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php.
CVE-2024-42763
1Kjayvik
1Bus Ticket Reservation System
May 6, 2025
Aug 22, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
A Reflected Cross Site Scripting (XSS) vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate...Show more
A Reflected Cross Site Scripting (XSS) vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate" parameter.Show less
CVE-2024-42762
1Kjayvik
1Bus Ticket Reservation System
May 6, 2025
Aug 22, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parame...Show more
A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields.Show less
CVE-2024-42761
1Kjayvik
1Bus Ticket Reservation System
May 6, 2025
Aug 22, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parame...Show more
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parameter.Show less