3 matches found
UNION Query-based SQL Injection Over HTTP Traffic (CVE-2018-17254; CVE-2020-18144; CVE-2020-29283; CVE-2020-29287; CVE-2020-29288; CVE-2020-35430; CVE-2021-24285)
UNION Query-based SQL Injection Over HTTP Traffic...
CVE-2020-29287
An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in viewcar.php or the carid parameter in booking.php...
CVE-2020-29287
CVE-2020-29287 describes an SQL injection in Car Rental Management System v1.0 exploitable via unsanitized input parameters: id in view_car.php and car_id in booking.php. The vulnerability stems from improper input handling in these PHP scripts, allowing attackers to manipulate SQL queries. Sever...