Car Rental Management System Security Vulnerabilities and Issues — Car Rental Management System CVE List

Lucene search

Car Rental Management System ProjectCar Rental Management System

15 matches found

CVE•added 2022/06/02 4:15 p.m.•86 views

CVE-2022-32026

Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_booking.php?id=.

7.2CVSS7.3AI score0.08725EPSS

CVE•added 2022/06/02 4:15 p.m.•74 views

CVE-2022-32021

Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_movement.php?id=.

7.2CVSS7.3AI score0.0026EPSS

CVE•added 2022/06/02 4:15 p.m.•74 views

CVE-2022-32028

Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_user.php?id=.

7.2CVSS7.3AI score0.08725EPSS

CVE•added 2020/12/02 10:15 p.m.•71 views

CVE-2020-29287

An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php.

9.8CVSS9.8AI score0.02406EPSS

CVE•added 2022/06/02 4:15 p.m.•69 views

CVE-2022-32025

Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/view_car.php?id=.

7.2CVSS7.3AI score0.12512EPSS

CVE•added 2022/06/02 4:15 p.m.•66 views

CVE-2022-32022

Car Rental Management System v1.0 is vulnerable to SQL Injection via /ip/car-rental-management-system/admin/ajax.php?action=login.

7.2CVSS7.3AI score0.08725EPSS

CVE•added 2022/06/02 4:15 p.m.•65 views

CVE-2022-32024

Car Rental Management System v1.0 is vulnerable to SQL Injection via car-rental-management-system/booking.php?car_id=.

7.2CVSS7.3AI score0.08725EPSS

CVE•added 2022/05/11 1:15 p.m.•61 views

CVE-2022-29318

An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

7.2CVSS7.2AI score0.00943EPSS

CVE•added 2022/06/02 4:15 p.m.•60 views

CVE-2022-32027

Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/index.php?page=manage_car&id=.

7.2CVSS7.3AI score0.0026EPSS

CVE•added 2022/06/02 6:15 p.m.•59 views

CVE-2022-32019

Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via car-rental-management-system/admin/ajax.php?action=save_car.

9.8CVSS9.6AI score0.03383EPSS

CVE•added 2022/06/02 4:15 p.m.•50 views

CVE-2022-32020

Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via ip/car-rental-management-system/admin/ajax.php?action=save_settings.

9.8CVSS9.6AI score0.00966EPSS

CVE•added 2020/12/14 2:15 p.m.•49 views

CVE-2020-29227

An issue was discovered in Car Rental Management System 1.0. An unauthenticated user can perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, to cause local file inclusion resulting in code execution.

9.8CVSS9.1AI score0.88723EPSS

CVE•added 2020/10/28 3:15 a.m.•48 views

CVE-2020-27956

An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management System 1.0 allows the user to conduct remote code execution via admin/index.php?page=manage_car because .php files can be uploaded to admin/assets/uploads/ (under the web root).

9.8CVSS9.6AI score0.07715EPSS

CVE•added 2022/01/18 6:15 p.m.•47 views

CVE-2021-46005

Sourcecodester Car Rental Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via vehicalorcview parameter.

5.4CVSS5.2AI score0.0461EPSS

CVE•added 2020/10/06 1:15 p.m.•29 views

CVE-2020-23832

A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login.

6.1CVSS6AI score0.01345EPSS