Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
car rental script vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-15182
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields.
Car Rental Script Project Car Rental Script 2.0.8
9.8
CVSSv3
CVE-2017-17637
Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.
Car Rental Script Project Car Rental Script 2.0.4
1 EDB exploit
8.8
CVSSv3
CVE-2017-17905
PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php.
Car Rental Script Project Car Rental Script 2.0.8
9.8
CVSSv3
CVE-2017-17906
PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.
Car Rental Script Project Car Rental Script 2.0.8
6.1
CVSSv3
CVE-2017-17907
PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter.
Car Rental Script Project Car Rental Script 2.0.8
6.5
CVSSv3
CVE-2018-20647
PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory.
Car Rental Script Project Car Rental Script 2.0.8
8.8
CVSSv3
CVE-2018-20648
PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php.
Car Rental Script Project Car Rental Script 2.0.8
5.4
CVSSv3
CVE-2018-6904
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action.
Car Rental Script Project Car Rental Script 2.0.8
7.5
CVSSv3
CVE-2023-48834
A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows malicious users to cause resource exhaustion.
Phpjabbers Car Rental Script 3.0
8.8
CVSSv3
CVE-2023-48835
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
Phpjabbers Car Rental Script 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »