12 matches found
EUVD-2021-24286
Malware in sbrugna...
CVE-2024-3369
A vulnerability, which was classified as critical, has been found in code-projects Car Rental 1.0. Affected by this issue is some unknown functionality of the file add-vehicle.php. The manipulation of the argument Upload Image leads to unrestricted upload. The attack may be launched remotely. The...
CVE-2024-3369 code-projects Car Rental add-vehicle.php unrestricted upload
A vulnerability, which was classified as critical, has been found in code-projects Car Rental 1.0. Affected by this issue is some unknown functionality of the file add-vehicle.php. The manipulation of the argument Upload Image leads to unrestricted upload. The attack may be launched remotely. The...
CVE-2024-3369
CVE-2024-3369 affects code-projects Car Rental 1.0. The vulnerability is in add-vehicle.php, where manipulation of the Upload Image parameter enables unrestricted file upload. This can be exploited remotely and has been disclosed publicly, classed as critical with high impact to confidentiality, ...
Simple Car Rental System 代码问题漏洞
Simple Car Rental System is a simple car rental application. A code issue vulnerability exists in version 1.0 of Simple Car Rental System due to a file upload vulnerability in the parameter Upload Image of the file add-vehicle.php...
CVE-2022-43083
An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43084
CVE-2022-43084 describes a cross-site scripting (XSS) vulnerability in Vehicle Booking System v1.0, specifically in the admin-add-vehicle.php page. The flaw arises from insufficient input sanitization of the v_name parameter, allowing an attacker to inject arbitrary web scripts or HTML via a craf...
CVE-2022-43083
An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43083
CVE-2022-43083 affects Vehicle Booking System v1.0 via an arbitrary file upload in admin-add-vehicle.php that allows code execution through a crafted PHP file. The base vulnerability is confirmed across multiple sources (NVD/Red Hat/CNVD/CVE list). CVSS v3.1 base score 7.2 (High): network attack ...
CVE-2021-37805
A Stored Cross Site Scripting XSS vunerability exists in Sourcecodeste Vehicle Parking Management System affected version 1.0 is via the add-vehicle.php endpoint...
Cross site scripting
A Stored Cross Site Scripting XSS vunerability exists in Sourcecodeste Vehicle Parking Management System affected version 1.0 is via the add-vehicle.php endpoint...
Vehicle Parking Management System 1.0 Cross Site Scripting
Exploit Title: Vehicle Parking Management System - Stored Cross-Site-Scripting XSS Date: 2021-07-09 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/vehicle-parking-management-system-using-php-and-mysql/...