CVE-2026-5645 projectworlds Car Rental System Parameter pay.php sql injection

A weakness has been identified in projectworlds Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /pay.php of the component Parameter Handler. Executing a manipulation of the argument mpesa can lead to sql injection. The attack can be launched remotely...

CVE-2026-5637 projectworlds Car Rental System Parameter message_admin.php sql injection

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

CVE-2026-5637 projectworlds Car Rental System Parameter message_admin.php sql injection

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

CVE-2026-5637

CVE-2026-5637 affects projectworlds Car Rental System 1.0. The vulnerability lies in the Parameter Handler’s unknown code path that manipulates the Message argument in /message_admin.php, leading to an SQL injection. It can be exploited remotely, and the exploit has been disclosed publicly (explo...

CVE-2026-5634 projectworlds Car Rental Project Parameter book_car.php sql injection

A vulnerability was identified in projectworlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /bookcar.php of the component Parameter Handler. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The...

CVE-2026-5634

CVE-2026-5634 affects the Projectworlds Car Rental Project 1.0. The vulnerability targets an unknown function in the file /book_car.php (Parameter Handler). Manipulating the fname argument results in a SQL injection, with remote, publicly available exploit code. The CVSS metrics in the connected ...

Projectworlds Car Rental Project SQL注入漏洞

Projectworlds Car Rental Project is a car rental project of the Indian company Projectworlds. Version 1.0 of the Projectworlds Car Rental Project has a SQL injection vulnerability, which arises from improper handling of the parameter fname in the file/bookcar.php, potentially leading to SQL...

PT-2026-30583

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /message admin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

CVE-2026-5368

CVE-2026-5368 affects projectworlds Car Rental Project 1.0. The vulnerable element is an unknown function in the file /login.php of the Parameter Handler; manipulating the uname argument enables an SQL injection. Exploitation is remote and has been publicly disclosed. Multiple sources (NVD, Red H...

CVE-2026-5368 projectworlds Car Rental Project Parameter login.php sql injection

A vulnerability was determined in projectworlds Car Rental Project 1.0. The affected element is an unknown function of the file /login.php of the component Parameter Handler. This manipulation of the argument uname causes sql injection. Remote exploitation of the attack is possible. The exploit h...

CVE-2026-5368 projectworlds Car Rental Project Parameter login.php sql injection

A vulnerability was determined in projectworlds Car Rental Project 1.0. The affected element is an unknown function of the file /login.php of the component Parameter Handler. This manipulation of the argument uname causes sql injection. Remote exploitation of the attack is possible. The exploit h...

Projectworlds Car Rental Project SQL注入漏洞

Projectworlds Car Rental Project is a car rental project of the Indian company Projectworlds. Version 1.0 of the Projectworlds Car Rental Project has a SQL injection vulnerability. This vulnerability stems from incorrect operations with the parameter uname in the Parameter Handler component of th...

CVE-2020-23832

A Persistent Cross-Site Scripting XSS vulnerability in messageadmin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login...

EUVD-2020-16570

Malware in sbrugna...

CVE-2020-23832

A Persistent Cross-Site Scripting XSS vulnerability in messageadmin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login...