Car Rental System
by Anisha
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-5645 | Hig | 0.47 | 7.3 | 0.00 | Apr 6, 2026 | A weakness has been identified in projectworlds Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /pay.php of the component Parameter Handler. Executing a manipulation of the argument mpesa can lead to sql injection. The attack can be… | ||
| CVE-2026-5637 | Hig | 0.47 | 7.3 | 0.00 | Apr 6, 2026 | A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /message_admin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be… | ||
| CVE-2025-6907 | Hig | 0.47 | 7.3 | 0.00 | Jun 30, 2025 | A vulnerability classified as critical was found in code-projects Car Rental System 1.0. This vulnerability affects unknown code of the file /book_car.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been… | ||
| CVE-2025-6906 | Hig | 0.47 | 7.3 | 0.00 | Jun 30, 2025 | A vulnerability classified as critical has been found in code-projects Car Rental System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been… | ||
| CVE-2025-6905 | Hig | 0.47 | 7.3 | 0.00 | Jun 30, 2025 | A vulnerability, which was classified as critical, has been found in code-projects Car Rental System 1.0. This issue affects some unknown processing of the file /signup.php. The manipulation of the argument fname leads to sql injection. The attack may be initiated remotely. The… | ||
| CVE-2025-6904 | Hig | 0.47 | 7.3 | 0.00 | Jun 30, 2025 | A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of the argument car_name leads to sql injection. The attack may be launched… | ||
| CVE-2025-6903 | Hig | 0.47 | 7.3 | 0.00 | Jun 30, 2025 | A vulnerability was found in code-projects Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched… | ||
| CVE-2025-6579 | Hig | 0.47 | 7.3 | 0.00 | Jun 24, 2025 | A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /message_admin.php. The manipulation of the argument Message leads to sql injection. The attack may be initiated remotely. The… | ||
| CVE-2025-6667 | Med | 0.41 | 6.3 | 0.00 | Jun 25, 2025 | A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched… | ||
| CVE-2025-3204 | 0.00 | — | 0.00 | Apr 4, 2025 | A vulnerability, which was classified as critical, has been found in CodeAstro Car Rental System 1.0. Affected by this issue is some unknown functionality of the file /returncar.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely.… | |||
| CVE-2024-12981 | 0.00 | — | 0.01 | Dec 27, 2024 | A vulnerability was found in CodeAstro Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bookingconfirm.php. The manipulation of the argument driver_id_from_dropdown leads to sql injection. The attack… | |||
| CVE-2022-28000 | 0.00 | — | 0.02 | Apr 8, 2022 | Car Rental System v1.0 was discovered to contain a SQL injection vulnerability at /Car_Rental/booking.php via the id parameter. | |||
| CVE-2022-28062 | 0.00 | — | 0.02 | Apr 4, 2022 | Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component which allows attackers to upload a webshell and execute arbitrary code. | |||
| CVE-2020-15535 | 0.00 | — | 0.01 | Jul 5, 2020 | An issue was discovered in the bestsoftinc Car Rental System plugin through 1.3 for WordPress. Persistent XSS can occur via any of the registration fields. |
- risk 0.47cvss 7.3epss 0.00
A weakness has been identified in projectworlds Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /pay.php of the component Parameter Handler. Executing a manipulation of the argument mpesa can lead to sql injection. The attack can be…
- risk 0.47cvss 7.3epss 0.00
A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /message_admin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be…
- risk 0.47cvss 7.3epss 0.00
A vulnerability classified as critical was found in code-projects Car Rental System 1.0. This vulnerability affects unknown code of the file /book_car.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been…
- risk 0.47cvss 7.3epss 0.00
A vulnerability classified as critical has been found in code-projects Car Rental System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been…
- risk 0.47cvss 7.3epss 0.00
A vulnerability, which was classified as critical, has been found in code-projects Car Rental System 1.0. This issue affects some unknown processing of the file /signup.php. The manipulation of the argument fname leads to sql injection. The attack may be initiated remotely. The…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of the argument car_name leads to sql injection. The attack may be launched…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /message_admin.php. The manipulation of the argument Message leads to sql injection. The attack may be initiated remotely. The…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched…
- CVE-2025-3204Apr 4, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, has been found in CodeAstro Car Rental System 1.0. Affected by this issue is some unknown functionality of the file /returncar.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely.…
- CVE-2024-12981Dec 27, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in CodeAstro Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bookingconfirm.php. The manipulation of the argument driver_id_from_dropdown leads to sql injection. The attack…
- CVE-2022-28000Apr 8, 2022risk 0.00cvss —epss 0.02
Car Rental System v1.0 was discovered to contain a SQL injection vulnerability at /Car_Rental/booking.php via the id parameter.
- CVE-2022-28062Apr 4, 2022risk 0.00cvss —epss 0.02
Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component which allows attackers to upload a webshell and execute arbitrary code.
- CVE-2020-15535Jul 5, 2020risk 0.00cvss —epss 0.01
An issue was discovered in the bestsoftinc Car Rental System plugin through 1.3 for WordPress. Persistent XSS can occur via any of the registration fields.