Phpgurukul Bus Pass Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Phpgurukul Bus Pass Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-36198 — CVSS 9.8 (critical): Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-report…
CVE-2022-35156 — CVSS 9.8 (critical): Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at…
CVE-2021-44315 — CVSS 7.5 (high): In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive…
CVE-2025-3146 — CVSS 7.3 (high): A vulnerability, which was classified as critical, was found in PHPGurukul Bus Pass Management System 1.0. This affects an unknown part of…
CVE-2022-29008 — CVSS 6.5 (medium): An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to…
CVE-2022-35155 — CVSS 6.1 (medium): Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata parameter.
CVE-2021-44317 — CVSS 5.4 (medium): In Bus Pass Management System v1.0, parameters 'pagedes' and `About Us` are affected with a Stored Cross-site scripting vulnerability.