Lucene search

MitreCVE-2021-27822

HistoryAug 19, 2021 - 2:39 p.m.

CVE-2021-27822

2021-08-1914:39:30

CWE-79

mitre

web.nvd.nist.gov

cve-2021-27822

xss vulnerability

add categories module

vehicle parking management system 1.0

security vulnerability

web security

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

38.9%

JSON

A persistent cross site scripting (XSS) vulnerability in the Add Categories module of Vehicle Parking Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Category field.

Affected configurations

Nvd

Node

phpgurukulvehicle_parking_management_systemMatch1.0

VendorProductVersionCPE
phpgurukulvehicle_parking_management_system1.0cpe:2.3:a:phpgurukul:vehicle_parking_management_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpgurukul	vehicle_parking_management_system	1.0	cpe:2.3:a:phpgurukul:vehicle_parking_management_system:1.0:::::::*

References

www.exploit-db.com/exploits/49595

Social References

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

38.9%

JSON

Related for CVE-2021-27822