A stored XSS vulnerability was detected in the buspassms/admin/view-enquiry.php script; it can be exploited when the vulnerable script processes user input.

A stored XSS vulnerability was detected in the buspassms/admin/pass-bwdates-reports-details.php script; it can be exploited when the vulnerable script processes user input. Attackers can inject arbitrary HTML or PHP code into the query string, which is then parsed and executed by the application.

A user, who was also the admin of the application, submitted an unvalidated credit card application to the vendor. The vendor processed the application and thereby obtained the admin’s credit card details. An SQL injection was discovered on the vendor’s website that resulted in a complete takeover of the vendor’s database and exfiltration of the vendor’s data. The vendor had stored the admin’s details in unencrypted form. An attacker can take advantage of this information to launch a variety of targeted attacks.

Stored XSS vulnerability on vendor’s website

The vendor had a stored XSS vulnerability in the website’s admin/view-enquiry.php script, which could be exploited when the vulnerable script processes user input. Attackers can inject arbitrary HTML or PHP code into the query string, which is then parsed and executed by the application.

A user, who was also the admin of the application, submitted an unvalidated credit card application to the vendor. The vendor processed the application, which resulted in a complete takeover of the vendor’s database and exfiltration of data from the vendor’s website. The vendor had stored credentials in unencrypted form that could be used to launch targeted attacks against them.

Stored XSS vulnerability detected on the buspassms/buy-tickets.php script

A stored XSS vulnerability was detected in the buspassms/admin/view-enquiry.php script; it can be exploited when the vulnerable script processes user input. Attackers can inject arbitrary HTML or PHP code into the query string, which is then parsed and executed by the application.

Stored XSS vulnerability

A user, who was also the admin of the application, submitted an unvalidated credit card application to the vendor. The vendor processed the application and thereby obtained the admin’s credit card details. An SQL injection was discovered on the vendor’s website that resulted in a complete takeover of the vendor’s database and exfiltration of the vendor’s data. The vendor had stored more than one administrator’s credit card details in unencrypted form. An attacker could take advantage of this information to launch a variety of targeted attacks.

Timeline

Published on: 08/22/2022 01:15:00 UTC
Last modified on: 08/23/2022 16:28:00 UTC

References