VYPR

Car Rental Management System

by Sourcecodester

CVEs (2)

  • CVE-2020-27956CriOct 28, 2020
    risk 0.64cvss 9.8epss 0.05

    An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management System 1.0 allows the user to conduct remote code execution via admin/index.php?page=manage_car because .php files can be uploaded to admin/assets/uploads/ (under the web root).

  • CVE-2021-46005MedJan 18, 2022
    risk 0.35cvss 5.4epss 0.03

    Sourcecodester Car Rental Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via vehicalorcview parameter.