Vulnerabilities (CVE)

Filtered by vendor Car Rental Script Project Subscribe
Filtered by product Car Rental Script
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-6904 1 Car Rental Script Project 1 Car Rental Script 2024-11-21 3.5 LOW 5.4 MEDIUM
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action.
CVE-2018-20648 1 Car Rental Script Project 1 Car Rental Script 2024-11-21 6.8 MEDIUM 8.8 HIGH
PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php.
CVE-2018-20647 1 Car Rental Script Project 1 Car Rental Script 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory.
CVE-2018-15182 1 Car Rental Script Project 1 Car Rental Script 2024-11-21 3.5 LOW 5.4 MEDIUM
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields.
CVE-2017-17907 1 Car Rental Script Project 1 Car Rental Script 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter.
CVE-2017-17906 1 Car Rental Script Project 1 Car Rental Script 2024-11-21 7.5 HIGH 9.8 CRITICAL
PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.
CVE-2017-17905 1 Car Rental Script Project 1 Car Rental Script 2024-11-21 6.8 MEDIUM 8.8 HIGH
PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php.
CVE-2017-17637 1 Car Rental Script Project 1 Car Rental Script 2024-11-21 7.5 HIGH 9.8 CRITICAL
Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.