CVE-2021-46075

EUVD-2021-32777
A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
vehicle_service_management_system_projectvehicle_service_management_system
𝑥
≤ 1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-Privilege-Escalation-Leads-to-CRUD-Operations
https://www.plsanu.com/vehicle-service-management-system-multiple-privilege-escalation-leads-to-crud-operations
https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-Privilege-Escalation-Leads-to-CRUD-Operations
https://www.plsanu.com/vehicle-service-management-system-multiple-privilege-escalation-leads-to-crud-operations