PT-2026-31896 · Code Projects · Vehicle Showroom Management System
Tnn2026
·
Published
2026-04-10
·
Updated
2026-04-11
·
CVE-2026-6034
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
code-projects Vehicle Showroom Management System version 1.0
Description
A flaw exists in an unknown function within the
/BranchManagement/ProfitAndLossReport.php file. Manipulation of the BRANCH ID argument can lead to cross site scripting, potentially allowing for remote attacks. The exploit has been published.Recommendations
As a temporary workaround, consider restricting or validating the
BRANCH ID argument to prevent manipulation.Exploit
Fix
Code Injection
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Vehicle Showroom Management System