Car Rental Project
by Phpgurukul
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-26809 | Cri | 0.64 | 9.8 | 0.02 | Feb 17, 2021 | PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php. | ||
| CVE-2020-5509 | Hig | 0.50 | 7.2 | 0.06 | Jan 14, 2020 | PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. | ||
| CVE-2025-50486 | Hig | 0.46 | 7.1 | 0.00 | Jul 28, 2025 | Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car Rental Project v3.0 allows attackers to execute a session hijacking attack. | ||
| CVE-2025-4926 | Med | 0.31 | 4.7 | 0.00 | May 19, 2025 | A vulnerability was found in PHPGurukul Car Rental Project 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/post-avehical.php. The manipulation of the argument img1/img2/img3/img4/img5 leads to unrestricted upload. The… |
- risk 0.64cvss 9.8epss 0.02
PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php.
- risk 0.50cvss 7.2epss 0.06
PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image.
- risk 0.46cvss 7.1epss 0.00
Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car Rental Project v3.0 allows attackers to execute a session hijacking attack.
- risk 0.31cvss 4.7epss 0.00
A vulnerability was found in PHPGurukul Car Rental Project 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/post-avehical.php. The manipulation of the argument img1/img2/img3/img4/img5 leads to unrestricted upload. The…