88 matches found
CVE-2024-39653
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E4J s.R.L. VikRentCar allows SQL Injection.This issue affects VikRentCar: from n/a through 1.4.0...
CVE-2025-13724
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2025-13724
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2025-13724
CVE-2025-13724 affects the VikRentCar Car Rental Management System WordPress plugin (versions up to 1.4.4). The vulnerability is a time-based blind SQL injection via the month parameter, exploitable by authenticated users with Administrator-level access or higher, allowing extraction of data. Wor...
EUVD-2025-200209
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2025-13724 VikRentCar Car Rental Management System <= 1.4.4 - Authenticated (Author+) SQL Injection via 'month' Parameter
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2025-13724 VikRentCar Car Rental Management System <= 1.4.4 - Authenticated (Author+) SQL Injection via 'month' Parameter
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
WordPress plugin VikRentCar Car Rental Management System SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL-based servers. A SQL injectio...
PT-2025-48656
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
WordPress VikRentCar Car Rental Management System plugin <= 1.4.4 - Authenticated (Author+) SQL Injection via 'month' Parameter vulnerability
Authenticated Author+ SQL Injection via 'month' Parameter vulnerability discovered by zhenhua fan in WordPress Plugin VikRentCar versions = 1.4.4...
EUVD-2021-11300
Malware in sbrugna...
EUVD-2021-11431
Malware in sbrugna...
EUVD-2024-54136
Malicious code in bioql PyPI...
EUVD-2023-28062
Malicious code in bioql PyPI...
EUVD-2024-30566
Malicious code in bioql PyPI...
EUVD-2025-19909
Malicious code in bioql PyPI...
EUVD-2024-38158
Malicious code in bioql PyPI...
CVE-2025-5322
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the doupdatecar and createcar functions in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with...
WordPress VikRentCar Car Rental Management System plugin <= 1.4.3 - Authenticated (Administrator+) Arbitrary File Upload vulnerability
Authenticated Administrator+ Arbitrary File Upload vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin VikRentCar versions = 1.4.3...
CVE-2025-5322
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the doupdatecar and createcar functions in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with...