2 matches found
CVE-2025-7475
CVE-2025-7475 affects Simple Car Rental System 1.0, with the vulnerability located in /pay.php where manipulating the mpesa parameter enables SQL injection. The issue is exploitable remotely and exploitation details have been disclosed publicly. Multiple connected sources confirm a critical impac...
CVE-2025-7475 code-projects Simple Car Rental System pay.php sql injection
A vulnerability classified as critical has been found in code-projects Simple Car Rental System 1.0. This affects an unknown part of the file /pay.php. The manipulation of the argument mpesa leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...