Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters (account.php), uname and pass parameters (login.php), and id parameter (book_car.php) This allows an malicious user to dump the MySQL database and to bypass the login authentication prompt.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
projectworlds official car rental system 1.0 |