MidnightBSD

Advisories for toll_tax_management_system_project

CVE-2022-30053 HIGH

In Toll Tax Management System 1.0, the id parameter appears to be vulnerable to SQL injection attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
toll_tax_management_system_project toll_tax_management_system 1.0
CVE-2022-30837 LOW

Toll-tax-management-system v1.0 is vulnerable to Cross Site Scripting (XSS) via /ttms/classes/Master.php?f=save_recipient, vehicle_name.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
toll_tax_management_system_project toll_tax_management_system 1.0
CVE-2023-36158

Cross Site Scripting (XSS) vulnerability in sourcecodester Toll Tax Management System 1.0 allows remote attackers to run arbitrary code via the First Name and Last Name fields on the My Account page.

Products Affected

Vendor Product Version
toll_tax_management_system_project toll_tax_management_system 1.0
CVE-2023-44047

Sourcecodester Toll Tax Management System v1 is vulnerable to SQL Injection.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
toll_tax_management_system_project toll_tax_management_system 1.0