4 matches found
CVE-2024-12945
CVE-2024-12945 affects Code-Projects Simple Car Rental System 1.0. The vulnerability is in the /account.php file, where manipulation of the email/pass parameter leads to SQL injection. The issue is exploitable remotely and has been publicly disclosed. Connected documentation corroborates a critic...
CVE-2025-8335
The CVE-2025-8335 entry concerns code-projects Simple Car Rental System 1.0, with a cross-site request forgery flaw affecting an unknown part of the software. Connected sources (PT-2025-31451, Red Hat, CVE listings) confirm the vulnerability can be initiated remotely and that an exploit has been ...
CVE-2025-8337
CVE-2025-8337 affects Code-Projects Simple Car Rental System 1.0. The vulnerability is in the file /admin/add_vehicles.php, where manipulation of the car_name argument can lead to cross-site scripting (XSS). The attack can be initiated remotely and exploits have been publicly discl...
CVE-2025-60306
CVE-2025-60306 affects Code-Projects’ Simple Car Rental System 1.0. The issue is a permission bypass where a low-privilege user can forge and obtain high-privilege sessions to perform sensitive operations. Metrics assign a CRITICAL 9.9 CVSS v3.1 score with network exploitability, low attack compl...