cvedb.io
CVE-2017-1000474
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2018-01-24T22:29:00.230 · Last modified 2026-06-17T00:59:13.970

Summary

Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is vulnerable to multiple SQL Injecting in login/vehicle.php, login/profile.php, login/Actions.php, login/manage_employee.php, and login/sell.php scripts resulting in the expose of user's login credentials, SQL Injection and Stored XSS vulnerability, which leads to remote code executing.

Affected products

vehicle_sales_management_system_project — vehicle_sales_management_system

Does this affect you?

Add your gear to cvedb and we'll alert you only when vehicle_sales_management_system_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.