CVE-2017-1000474

Name: CVE-2017-1000474
Creator: NVD / NIST
Published: 2018-01-24T22:29:00.23+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.17%

Last modified Jun 17, 2026

CVE-2017-1000474 is a vulnerability of currently unknown severity. Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is vulnerable to multiple SQL Injecting in login/vehicle.php, login/profile.php, login/Actions.php, login/manage_employee.php, and login/sell.php scripts resulting in the expose of user's login credentials, SQL Injection and Stored XSS vulnerability, which leads to remote code executing.. EPSS estimates a 2.17% chance of exploitation in the next 30 days.

Description

Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is vulnerable to multiple SQL Injecting in login/vehicle.php, login/profile.php, login/Actions.php, login/manage_employee.php, and login/sell.php scripts resulting in the expose of user's login credentials, SQL Injection and Stored XSS vulnerability, which leads to remote code executing.

Metrics

EPSS Probability

2.17%

80.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-89

Affected Software

Vendor	Product	Versions
Vehicle Sales Management System Project	Vehicle Sales Management System	2017-07-30

References

http://singsip.wixsite.com/singsip/vulnThird Party Advisory
https://www.exploit-db.com/exploits/44318/
http://singsip.wixsite.com/singsip/vulnThird Party Advisory
https://www.exploit-db.com/exploits/44318/

Timeline

Published: Jan 24, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-1000474?

How severe is CVE-2017-1000474?

Severity scoring for CVE-2017-1000474 is pending analysis. The EPSS model estimates a 2.17% probability of exploitation in the next 30 days.

How do I fix CVE-2017-1000474?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-1000474?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST