CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

Car Rental Management System 1.0 - SQL Injection

Car Rental Management System 1.0 contains an SQL injection vulnerability via /booking.php?carid=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-32024 info:...

7.2CVSS7.2AI score0.04522EPSS

Exploits1References2

Nuclei•added 2 days ago•215 views

Car Rental Management System 1.0 - SQL Injection

Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/viewcar.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-32025 info:...

7.2CVSS7.2AI score0.04522EPSS

Exploits1References3

Nuclei•added 2 days ago•76 views

Car Rental Management System 1.0 - SQL Injection

Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/managebooking.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-32026...

7.2CVSS7.2AI score0.05261EPSS

Exploits2References4

Nuclei•added 2 days ago•25 views

Car Rental Management System 1.0 - SQL Injection

Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/ajax.php?action=login. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-32022...

7.2CVSS7.2AI score0.04879EPSS

Exploits1References3

RedhatCVE•added 2026/01/03 7:7 a.m.•9 views

CVE-2025-15432

A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This vulnerability affects the function downloadShowFile of the file /file/downloadShowFile.action of the component com.yeqifu.sys.controller.FileController. The manipulation of the argument path...

7.5CVSS6.5AI score0.00598EPSS

Exploits1References1

NVD•added 2026/01/02 7:15 a.m.•4 views

CVE-2025-15432

7.5CVSS0.00598EPSS

Exploits1References5

OSV•added 2026/01/02 7:15 a.m.•2 views

CVE-2025-15432

7.5CVSS5.3AI score0.00598EPSS

Exploits1References5

Cvelist•added 2026/01/02 6:32 a.m.•20 views

CVE-2025-15432 yeqifu carRental com.yeqifu.sys.controller.FileController downloadShowFile.action downloadShowFile path traversal

6.9CVSS0.00598EPSS

Exploits1References5

Vulnrichment•added 2026/01/02 6:32 a.m.•3 views

CVE-2025-15432 yeqifu carRental com.yeqifu.sys.controller.FileController downloadShowFile.action downloadShowFile path traversal

6.9CVSS6.4AI score0.00598EPSS

Exploits1References5

CVE•added 2026/01/02 6:32 a.m.•18 views

CVE-2025-15432

The CVE-2025-15432 issue affects yeqifu carRental, specifically the function downloadShowFile in /file/downloadShowFile.action of the com.yeqifu.sys.controller.FileController. The root cause is path traversal caused by manipulation of the path argument, allowing remote exploitation. Several sourc...

7.5CVSS5.3AI score0.00598EPSS

Exploits1References5Affected Software1

Positive Technologies•added 2026/01/02 12:0 a.m.•4 views

PT-2026-1054

Name of the Vulnerable Software and Affected Versions yeqifu carRental affected versions not specified Description A path traversal issue exists due to the manipulation of the path argument within the downloadShowFile function located in /file/downloadShowFile.action of the...

6.9CVSS6.3AI score0.00598EPSS

Exploits1References9

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-4913

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00948EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-25466

Malicious code in bioql PyPI...

7.5CVSS5.6AI score0.00528EPSS

Exploits1References4

CVE•added 2025/08/29 2:2 p.m.•11 views

CVE-2025-9650

CVE-2025-9650 affects yeqifu carRental; the path traversal flaw is in AppFileUtils.removeFileByPath (taking carimg) and is remotely exploitable with a disclosed exploit. Connected sources corroborate the vulnerability in versions up to 3fabb7eae93d209426638863980301d6f99866b3. Practical impact in...

5.5CVSS6.5AI score0.00361EPSS

Exploits0References4

CNNVD•added 2025/08/29 12:0 a.m.•1 views

carRental 路径遍历漏洞

carRental is a car rental software from carRental, Inc. A path traversal vulnerability exists in carRental, which originates from a path traversal caused by a misbehavior of the function removeFileByPath in the parameter carimg in the file src/main/java/com/yeqifu/sys/utils/AppFileUtils.java...

5.5CVSS5.5AI score0.00361EPSS

Exploits0References6

RedhatCVE•added 2025/08/23 5:15 p.m.•5 views

CVE-2025-9310

A vulnerability was determined in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. Affected by this vulnerability is an unknown functionality of the file /carRentalwar/druid/login.html of the component Druid. Executing manipulation can lead to hard-coded credentials. The attack ma...

7.5CVSS5.2AI score0.00528EPSS

Exploits1References1

NVD•added 2025/08/21 5:15 p.m.•5 views

CVE-2025-9310

7.5CVSS0.00528EPSS

Exploits1References4

OSV•added 2025/08/21 5:15 p.m.•3 views

CVE-2025-9310

7.5CVSS5.4AI score0.00528EPSS

Exploits1References4

Vulnrichment•added 2025/08/21 4:32 p.m.•4 views

CVE-2025-9310 yeqifu carRental Druid login.html hard-coded credentials