CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-0537 – code-projects Car Rental Management System manage-pages.php cross site scripting
https://notcve.org/view.php?id=CVE-2025-0537
17 Jan 2025 — A vulnerability, which was classified as problematic, has been found in code-projects Car Rental Management System 1.0. This issue affects some unknown processing of the file /admin/manage-pages.php. The manipulation of the argument pgdetails leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32019
https://notcve.org/view.php?id=CVE-2022-32019
02 Jun 2022 — Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via car-rental-management-system/admin/ajax.php?action=save_car. Car Rental Management System versión v1.0, es vulnerable a una ejecución de código arbitrario por medio del archivo car-rental-management-system/admin/ajax.php?action=save_car • https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/RCE-1.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32020
https://notcve.org/view.php?id=CVE-2022-32020
02 Jun 2022 — Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via ip/car-rental-management-system/admin/ajax.php?action=save_settings. Car Rental Management System versión v1.0, es vulnerable a una ejecución de código arbitrario por medio del archivo ip/car-rental-management-system/admin/ajax.php?action=save_settings • https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/RCE-2.md •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32021
https://notcve.org/view.php?id=CVE-2022-32021
02 Jun 2022 — Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_movement.php?id=. Car Rental Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo /car-rental-management-system/admin/manage_movement.php?id= • https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-3.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 25%CPEs: 1EXPL: 1CVE-2022-32022
https://notcve.org/view.php?id=CVE-2022-32022
02 Jun 2022 — Car Rental Management System v1.0 is vulnerable to SQL Injection via /ip/car-rental-management-system/admin/ajax.php?action=login. Car Rental Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo /ip/car-rental-management-system/admin/ajax.php?action=login • https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 25%CPEs: 1EXPL: 1CVE-2022-32024
https://notcve.org/view.php?id=CVE-2022-32024
02 Jun 2022 — Car Rental Management System v1.0 is vulnerable to SQL Injection via car-rental-management-system/booking.php?car_id=. Car Rental Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo car-rental-management-system/booking.php?car_id= • https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-4.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 25%CPEs: 1EXPL: 1CVE-2022-32025
https://notcve.org/view.php?id=CVE-2022-32025
02 Jun 2022 — Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/view_car.php?id=. Car Rental Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo /car-rental-management-system/admin/view_car.php?id= • https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-6.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 25%CPEs: 1EXPL: 1CVE-2022-32026
https://notcve.org/view.php?id=CVE-2022-32026
02 Jun 2022 — Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_booking.php?id=. Car Rental Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo /car-rental-management-system/admin/manage_booking.php?id= • https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-5.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32027
https://notcve.org/view.php?id=CVE-2022-32027
02 Jun 2022 — Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/index.php?page=manage_car&id=. Car Rental Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo /car-rental-management-system/admin/index.php?page=manage_car&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-7.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 25%CPEs: 1EXPL: 1CVE-2022-32028
https://notcve.org/view.php?id=CVE-2022-32028
02 Jun 2022 — Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_user.php?id=. Car Rental Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo /car-rental-management-system/admin/manage_user.php?id= • https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-8.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •