GCVE - cpe:2.3:a:kashipara:bus_ticket_reservation

Approved changes feed: RSS · Atom

cpe:2.3:a:kashipara:bus_ticket_reservation_system:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

Vendor	Kashipara (`6b7db86c-2a94-5a2d-adbe-6158c7191f84`)
Product	Bus Ticket Reservation System (`372c023b-bd2b-56e7-a516-9865ed9125d6`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-42766`	vulnerable	2026-06-03 14:56:42.966857	Details available Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php. Published: 2024-08-23T00:00:00.000Z Updated: 2024-08-26T16:18:24.767Z Open on db.gcve.eu Reference links https://www.kashipara.com/ https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Bus%20Ticket%20Reservation%20System%20v1.0/Broken%20Access%20Control%20-%20Delete%20Bookings.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-42765`	vulnerable	2026-06-03 14:56:42.966486	Details available A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters. Published: 2024-08-23T00:00:00.000Z Updated: 2024-08-23T14:44:46.667Z Open on db.gcve.eu Reference links https://www.kashipara.com/ https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Bus%20Ticket%20Reservation%20System%20v1.0/SQL%20Injection%20-%20Login.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-42764`	vulnerable	2026-06-03 14:56:42.966127	Details available Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php. Published: 2024-08-23T00:00:00.000Z Updated: 2024-08-23T14:43:10.185Z Open on db.gcve.eu Reference links https://www.kashipara.com/ https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Bus%20Ticket%20Reservation%20System%20v1.0/CSRF.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-42762`	vulnerable	2026-06-03 14:56:42.964047	Details available A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields. Published: 2024-08-22T00:00:00.000Z Updated: 2024-08-23T13:45:18.112Z Open on db.gcve.eu Reference links https://www.kashipara.com/ https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Bus%20Ticket%20Reservation%20System%20v1.0/Stored%20XSS%20-%20Customer%20Booking%20List.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-42761`	vulnerable	2026-06-03 14:56:42.962530	Details available A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parameter. Published: 2024-08-22T00:00:00.000Z Updated: 2024-08-23T14:13:16.816Z Open on db.gcve.eu Reference links https://www.kashipara.com/ https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Bus%20Ticket%20Reservation%20System%20v1.0/Stored%20XSS%20-%20Bus%20Schedule%20List.pdf	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Bus Ticket Reservation System

PURL mappings

Vulnerability references

Contribute