31 matches found
CVE-2019-25482
Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the arackategoriid parameter. Attackers can send POST requests to the endpoint with malicious SQL payloads to...
CVE-2019-25482 Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 SQL Injection
Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the arackategoriid parameter. Attackers can send POST requests to the endpoint with malicious SQL payloads to...
CVE-2019-25482 Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 SQL Injection
Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the arackategoriid parameter. Attackers can send POST requests to the endpoint with malicious SQL payloads to...
PT-2026-24966
Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the arac kategori id parameter. Attackers can send POST requests to the endpoint with malicious SQL payloads to...
CVE-2019-25462
Web Ofisi Rent a Car v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'klima' parameter. Attackers can send GET requests to with malicious 'klima' values to extract sensitive database information or...
CVE-2019-25462 Web Ofisi Rent a Car v3 SQL Injection via klima Parameter
Web Ofisi Rent a Car v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'klima' parameter. Attackers can send GET requests to with malicious 'klima' values to extract sensitive database information or...
CVE-2019-25462 Web Ofisi Rent a Car v3 SQL Injection via klima Parameter
Web Ofisi Rent a Car v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'klima' parameter. Attackers can send GET requests to with malicious 'klima' values to extract sensitive database information or...
CVE-2019-25462
The CVE covers Web Ofisi Rent a Car v3, where an SQL injection flaw exists in the klima parameter. The vulnerability allows unauthenticated attackers to manipulate database queries via GET requests, potentially extracting sensitive data or causing denial of service. Root cause is improper handlin...
Web Ofisi Rent a Car SQL注入漏洞
Web Ofisi Rent a Car is an online management and rental system operated by the Turkish company Web Ofisi. Version 3 of Web Ofisi Rent a Car has a SQL injection vulnerability, which stems from insufficient validation of the klima parameter input. This vulnerability may lead to SQL injection attack...
rent-a-car-podgorica.com Cross Site Scripting vulnerability OBB-3316846
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Jettweb Ready Rent A Car Script 4 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
coskunrentacar.com Cross Site Scripting vulnerability OBB-2152209
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
olympicrentacar.gr Cross Site Scripting vulnerability OBB-1491733
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
madisonrentacar.com.ar Cross Site Scripting vulnerability OBB-1428902
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
ctgrentacar.com Cross Site Scripting vulnerability OBB-1280764
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Web Ofisi Rent A Car 3 SQL Injection
Exploit Title: Web Ofisi Rent a Car 3 - 'klima' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/rent-a-car-v3.html Demo Site: http://demobul.net/rentacarv3/ Version: v3 Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi ----- Request:...
Web Ofisi Rent a Car 3 - klima SQL Injection
Web Ofisi Rent a Car 3 - klima SQL Injection Exploit Title: Web Ofisi Rent a Car 3 - 'klima' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/rent-a-car-v3.html Demo Site: http://demobul.net/rentacarv3/ Version: v3 Tested on: Kali Linux CVE:...
Web Ofisi Rent a Car 3 - 'klima' SQL Injection
Exploit Title: Web Ofisi Rent a Car 3 - 'klima' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/rent-a-car-v3.html Demo Site: http://demobul.net/rentacarv3/ Version: v3 Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi ----- Request:...
Jettweb PHP Hazir Rent A Car Sitesi Scripti 2 SQL Injection
Exploit Title: Jettweb PHP Hazır Rent A Car Sitesi Scripti V2 - 'arackategoriid' SQL Injection Date: 28.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-4-php-hazir-rent-a-car-sitesi-scripti-v2.html Demo Site: http://rentv2.proemlaksitesi.net/ Version: V2 Tested on...
Jettweb PHP Hazır Rent A Car Sitesi Scripti V2 - arac_kategori_id SQL Injection
Jettweb PHP Hazır Rent A Car Sitesi Scripti V2 - arackategoriid SQL Injection Exploit Title: Jettweb PHP Hazır Rent A Car Sitesi Scripti V2 - 'arackategoriid' SQL Injection Date: 28.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage:...