2 matches found
CVE-2020-23832
A Persistent Cross-Site Scripting XSS vulnerability in messageadmin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login...
CVE-2020-23832
CVE-2020-23832 affects Projectworlds Car Rental Management System v1.0, specifically the message_admin.php module. The vulnerability is a Persistent Cross-Site Scripting (XSS) that allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session when an ...