Car Rental Management System Project Car Rental Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Car Rental Management System Project Car Rental Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2020-27956 — CVSS 9.8 (critical): An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management System 1.0 allows the user to conduct remote…
CVE-2022-32019 — CVSS 9.8 (critical): Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via car-rental-management-system/admin/ajax.php?action=save_car.
CVE-2020-29227 — CVSS 9.8 (critical): An issue was discovered in Car Rental Management System 1.0. An unauthenticated user can perform a file inclusion attack against the…
CVE-2020-29287 — CVSS 9.8 (critical): An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or…
CVE-2022-32020 — CVSS 9.8 (critical): Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via ip/car-rental-management-system/admin/ajax.php?action=save_s…
CVE-2022-32028 — CVSS 7.2 (high): Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_user.php?id=.
CVE-2022-29318 — CVSS 7.2 (high): An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary…
CVE-2022-32026 — CVSS 7.2 (high): Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_booking.php?id=.
CVE-2022-32027 — CVSS 7.2 (high): Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/index.php?page=manage_car&id=.
CVE-2022-32021 — CVSS 7.2 (high): Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_movement.php?id=.
CVE-2022-32022 — CVSS 7.2 (high): Car Rental Management System v1.0 is vulnerable to SQL Injection via /ip/car-rental-management-system/admin/ajax.php?action=login.
CVE-2022-32024 — CVSS 7.2 (high): Car Rental Management System v1.0 is vulnerable to SQL Injection via car-rental-management-system/booking.php?car_id=.
CVE-2022-32025 — CVSS 7.2 (high): Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/view_car.php?id=.
CVE-2020-23832 — CVSS 6.1 (medium): A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows…
CVE-2021-46005 — CVSS 5.4 (medium): Sourcecodester Car Rental Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via vehicalorcview parameter.