GCVE - cpe:2.3:a:codeastro:vehicle_booking_system:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:codeastro:vehicle_booking_system:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Codeastro (`f92dc1fe-f2d7-58ad-92b0-40a98a9042be`)
Product	Vehicle Booking System (`544a32e9-558e-5a17-abf6-57deec3bdaed`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-0346`	vulnerable	2026-06-03 14:54:02.183980	CodeAstro Vehicle Booking System Feedback Page user-give-feedback.php cross site scripting LOW (3.5) A vulnerability has been found in CodeAstro Vehicle Booking System 1.0 and classified as problematic. This vulnerability affects unknown code of the file usr/user-give-feedback.php of the component Feedback Page. The manipulation of the argument My Testemonial leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-250114 is the identifier assigned to this vulnerability. Published: 2024-01-09T21:31:02.994Z Updated: 2024-09-03T20:39:37.362Z Open on db.gcve.eu Reference links https://vuldb.com/?id.250114 https://vuldb.com/?ctiid.250114 https://drive.google.com/file/d/1bao4YK4GwvAvCdCrsW5UpJZdvREdc_Yj/view?usp=sharing	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-0345`	vulnerable	2026-06-03 14:54:02.182558	CodeAstro Vehicle Booking System User Registration usr-register.php cross site scripting MEDIUM (4.3) A vulnerability, which was classified as problematic, was found in CodeAstro Vehicle Booking System 1.0. This affects an unknown part of the file usr/usr-register.php of the component User Registration. The manipulation of the argument Full_Name/Last_Name/Address with the input <script>alert(document.cookie)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250113 was assigned to this vulnerability. Published: 2024-01-09T21:00:06.585Z Updated: 2025-04-17T17:19:24.654Z Open on db.gcve.eu Reference links https://vuldb.com/?id.250113 https://vuldb.com/?ctiid.250113 https://drive.google.com/file/d/1ihxLw4kzbAbDhHtca3UnTaB-iMWHi5DJ/view?usp=sharing	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.