Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Official car rental system'
2020-04-06
CVE-2020-11545
CWE-89
Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters (account.php), uname and pass parameters (login.php), and id parameter (book_car.php) This allows an attacker to dump the MySQL database and to bypass the login authentication prompt.
CVE-2020-11544
CWE-434
An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via add_cars.php. There are no upload restrictions for executable files.
>>>
Vendor:
Projectworlds
13
Products
Hospital management system in php
Official car rental system
House rental and property listing project
Car rental project
House rental
Visitor management system in php
Online examination system
Online matrimonial project
Online book store project in php
Travel management system
Online shopping system in php
Online-shopping-webvsite-in-php
Online movie ticket booking system
Copyright
2024
, cxsecurity.com
Back to Top