VYPR

Car Rental Management System

by Projectworlds

CVEs (2)

  • CVE-2020-24199CriSep 9, 2020
    risk 0.64cvss 9.8epss 0.04

    Arbitrary File Upload in the Vehicle Image Upload component in Project Worlds Car Rental Management System v1.0 allows attackers to conduct remote code execution.

  • CVE-2020-23832MedOct 6, 2020
    risk 0.40cvss 6.1epss 0.02

    A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login.