375 matches found
Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting
Sourcecodester Car Rental Management System 1.0 is vulnerable to cross-site scripting via the vehicalorcview parameter. id: CVE-2021-46005 info: name: Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting author: cckuailong severity: medium description: Sourcecodester Car...
Car Rental Management System 1.0 - SQL Injection
Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/manageuser.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-32028...
Car Rental Management System 1.0 - Local File Inclusion
Car Rental Management System 1.0 allows an unauthenticated user to perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, leading to code execution. id: CVE-2020-29227 info: name: Car Rental Management System 1.0 - Local File Inclusion author:...
EUVD-2026-38142
A flaw has been found in Montodel House-Rental-Management up to 90010017b81265eb1ef3810268909f7719a33863. This affects an unknown part of the file /index.php?page=houses. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-12775 Montodel House-Rental-Management login.php sql injection
A vulnerability was detected in Montodel House-Rental-Management up to 90010017b81265eb1ef3810268909f7719a33863. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. Th...
CVE-2026-12775
CVE-2026-12775 affects Montodel House-Rental-Management, with the vulnerability in the /login.php script. The issue arises from manipulating the Username argument, which leads to an SQL injection. Attacks can be conducted remotely, and public exploitation is indicated. The affected software uses ...
EUVD-2026-22256
Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/viewdetails.php...
PT-2026-32632
CVE-2026-37591 Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/view details.php. https://t.co/zFz4555XYZ...
CVE-2020-23832
A Persistent Cross-Site Scripting XSS vulnerability in messageadmin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login...
CVE-2020-24199
Arbitrary File Upload in the Vehicle Image Upload component in Project Worlds Car Rental Management System v1.0 allows attackers to conduct remote code execution...
CVE-2025-14531
A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...
EUVD-2025-202718
A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...
CVE-2025-14531
A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...
CVE-2025-14531
A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...
CVE-2025-14531 code-projects Rental Management System Log Transaction.java crlf injection
A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...
CVE-2025-14531 code-projects Rental Management System Log Transaction.java crlf injection
A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...
CVE-2025-14531
Code-projects Rental Management System 2.0 is affected in the Log Handler’s Transaction.java. The issue is a CRLF injection vulnerability that can be triggered remotely; exploitation publicized with PoC in at least one source. Connected advisories confirm an external exploit and remote manipulati...
Code-Projects Rental Management System 注入漏洞
Code-Projects Rental Management System is an open source rental management system from Code-Projects. An injection vulnerability exists in Code-Projects Rental Management System version 2.0, which stems from a flaw in the file Transaction.java of the component Log Handler that could lead to a CRL...
PT-2025-50671
A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could ...
PT-2025-45418
Name of the Vulnerable Software and Affected Versions SourceCodester Best House Rental Management System version 1.0 Description A flaw exists in the delete house function within the /admin class.php file of the software. Manipulation of the ID argument can result in a SQL injection. This issue c...