CVE-2025-7477 code-projects Simple Car Rental System add_cars.php unrestricted upload

A vulnerability, which was classified as critical, has been found in code-projects Simple Car Rental System 1.0. This issue affects some unknown processing of the file /admin/addcars.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. Th...

Car Rental System add_cars.php File SQL Injection Vulnerability

Car Rental System is a car rental system. Car Rental System suffers from a SQL injection vulnerability that stems from the lack of validation of an externally entered SQL statement in the parameter carname in the file /admin/addcars.php. An attacker can use this vulnerability to execute illegal S...

CVE-2025-6904 code-projects Car Rental System add_cars.php sql injection

A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/addcars.php. The manipulation of the argument carname leads to sql injection. The attack may be launched remotely. The exploit h...

CVE-2025-6904 code-projects Car Rental System add_cars.php sql injection

A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/addcars.php. The manipulation of the argument carname leads to sql injection. The attack may be launched remotely. The exploit h...

CVE-2025-6667 code-projects Car Rental System add_cars.php unrestricted upload

A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/addcars.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit h...

CVE-2025-6667 code-projects Car Rental System add_cars.php unrestricted upload

A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/addcars.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit h...

CVE-2020-11544

An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via addcars.php. There are no upload restrictions f...