36 matches found
CVE-2025-13724
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2025-13724
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2025-13724
CVE-2025-13724 affects the VikRentCar Car Rental Management System WordPress plugin (versions up to 1.4.4). The vulnerability is a time-based blind SQL injection via the month parameter, exploitable by authenticated users with Administrator-level access or higher, allowing extraction of data. Wor...
EUVD-2025-200209
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2025-13724 VikRentCar Car Rental Management System <= 1.4.4 - Authenticated (Author+) SQL Injection via 'month' Parameter
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2025-13724 VikRentCar Car Rental Management System <= 1.4.4 - Authenticated (Author+) SQL Injection via 'month' Parameter
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
WordPress plugin VikRentCar Car Rental Management System SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL-based servers. A SQL injectio...
PT-2025-48656
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
EUVD-2021-11300
Malware in sbrugna...
EUVD-2021-11431
Malware in sbrugna...
EUVD-2024-54136
Malicious code in bioql PyPI...
EUVD-2025-19909
Malicious code in bioql PyPI...
CVE-2025-5322
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the doupdatecar and createcar functions in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with...
WordPress VikRentCar Car Rental Management System plugin <= 1.4.3 - Authenticated (Administrator+) Arbitrary File Upload vulnerability
Authenticated Administrator+ Arbitrary File Upload vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin VikRentCar versions = 1.4.3...
CVE-2025-5322
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the doupdatecar and createcar functions in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with...
CVE-2025-5322
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the doupdatecar and createcar functions in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with...
CVE-2025-5322 VikRentCar Car Rental Management System <= 1.4.3 - Authenticated (Administrator+) Arbitrary File Upload
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the doupdatecar and createcar functions in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with...
WordPress plugin VikRentCar Car Rental Management System 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A code issue vulnerability exists in the WordPress...
CVE-2024-1845
The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2023-23998
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in E4J s.R.L. VikRentCar Car Rental Management System plugin = 1.3.0 versions...