Lucene search
K

375 matches found

Nuclei
Nuclei
added yesterday44 views

Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting

Sourcecodester Car Rental Management System 1.0 is vulnerable to cross-site scripting via the vehicalorcview parameter. id: CVE-2021-46005 info: name: Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting author: cckuailong severity: medium description: Sourcecodester Car...

5.4CVSS6AI score0.02915EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday44 views

Car Rental Management System 1.0 - SQL Injection

Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/manageuser.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-32028...

7.2CVSS7.1AI score0.04919EPSS
Exploits1References3
Nuclei
Nuclei
added 2 days ago51 views

Car Rental Management System 1.0 - Local File Inclusion

Car Rental Management System 1.0 allows an unauthenticated user to perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, leading to code execution. id: CVE-2020-29227 info: name: Car Rental Management System 1.0 - Local File Inclusion author:...

9.8CVSS7.4AI score0.16822EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/21 4:45 a.m.10 views

EUVD-2026-38142

A flaw has been found in Montodel House-Rental-Management up to 90010017b81265eb1ef3810268909f7719a33863. This affects an unknown part of the file /index.php?page=houses. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has...

6.5CVSS5.6AI score0.00192EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/21 4:0 a.m.33 views

CVE-2026-12775 Montodel House-Rental-Management login.php sql injection

A vulnerability was detected in Montodel House-Rental-Management up to 90010017b81265eb1ef3810268909f7719a33863. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. Th...

7.5CVSS0.00259EPSS
Exploits0References5
CVE
CVE
added 2026/06/21 4:0 a.m.19 views

CVE-2026-12775

CVE-2026-12775 affects Montodel House-Rental-Management, with the vulnerability in the /login.php script. The issue arises from manipulating the Username argument, which leads to an SQL injection. Attacks can be conducted remotely, and public exploitation is indicated. The affected software uses ...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/14 3:30 p.m.4 views

EUVD-2026-22256

Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/viewdetails.php...

2.7CVSS5.8AI score0.00186EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.14 views

PT-2026-32632

CVE-2026-37591 Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/view details.php. https://t.co/zFz4555XYZ...

2.7CVSS5.8AI score0.00186EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 9:54 a.m.9 views

CVE-2020-23832

A Persistent Cross-Site Scripting XSS vulnerability in messageadmin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login...

6.1CVSS6.1AI score0.02109EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.7 views

CVE-2020-24199

Arbitrary File Upload in the Vehicle Image Upload component in Project Worlds Car Rental Management System v1.0 allows attackers to conduct remote code execution...

9.8CVSS7.5AI score0.03689EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/12 6:57 p.m.5 views

CVE-2025-14531

A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...

5.3CVSS6.6AI score0.00276EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/11 9:31 p.m.4 views

EUVD-2025-202718

A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...

5.3CVSS4.7AI score0.00276EPSS
Exploits1References6
NVD
NVD
added 2025/12/11 7:15 p.m.19 views

CVE-2025-14531

A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...

5.3CVSS0.00276EPSS
Exploits1References5
OSV
OSV
added 2025/12/11 7:15 p.m.2 views

CVE-2025-14531

A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...

4.3CVSS5.6AI score
Exploits0References5
Cvelist
Cvelist
added 2025/12/11 6:32 p.m.29 views

CVE-2025-14531 code-projects Rental Management System Log Transaction.java crlf injection

A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...

5.3CVSS0.00276EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/11 6:32 p.m.1 views

CVE-2025-14531 code-projects Rental Management System Log Transaction.java crlf injection

A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...

5.3CVSS4.8AI score0.00276EPSS
Exploits1References5
CVE
CVE
added 2025/12/11 6:32 p.m.10 views

CVE-2025-14531

Code-projects Rental Management System 2.0 is affected in the Log Handler’s Transaction.java. The issue is a CRLF injection vulnerability that can be triggered remotely; exploitation publicized with PoC in at least one source. Connected advisories confirm an external exploit and remote manipulati...

5.3CVSS4.8AI score0.00276EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.3 views

Code-Projects Rental Management System 注入漏洞

Code-Projects Rental Management System is an open source rental management system from Code-Projects. An injection vulnerability exists in Code-Projects Rental Management System version 2.0, which stems from a flaw in the file Transaction.java of the component Log Handler that could lead to a CRL...

5.3CVSS5.1AI score0.00276EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.4 views

PT-2025-50671

A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...

5.3CVSS6.8AI score0.00276EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/11/07 12:0 a.m.7 views

PT-2025-45418

Name of the Vulnerable Software and Affected Versions SourceCodester Best House Rental Management System version 1.0 Description A flaw exists in the delete house function within the /admin class.php file of the software. Manipulation of the ID argument can result in a SQL injection. This issue c...

5.8CVSS7.5AI score0.00328EPSS
Exploits1References8
Rows per page
Query Builder