Skip to main content

Car Rental Script

12 CVEs product

Monthly

CVE-2023-48837 MEDIUM POC This Month

Car Rental Script 3.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Car Rental Script
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-48836 MEDIUM POC This Month

Car Rental Script 3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Car Rental Script
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-48835 HIGH POC This Week

Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Car Rental Script
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-48834 HIGH POC This Week

A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource exhaustion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Car Rental Script
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-40764 CRITICAL Act Now

User enumeration is found in PHP Jabbers Car Rental Script v3.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Car Rental Script
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-40754 HIGH This Week

In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Car Rental Script
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2018-15182 MEDIUM POC This Month

PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Car Rental Script
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-6904 MEDIUM POC This Month

PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Car Rental Script
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2017-17907 MEDIUM POC This Month

PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Car Rental Script
NVD GitHub
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-17906 CRITICAL POC Act Now

PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Car Rental Script
NVD GitHub
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-17905 HIGH POC This Week

PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Car Rental Script
NVD GitHub
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-17637 CRITICAL POC Act Now

Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Car Rental Script
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
2.5%
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Car Rental Script 3.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Car Rental Script
NVD
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Car Rental Script 3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Car Rental Script
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Car Rental Script
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource exhaustion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Car Rental Script
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

User enumeration is found in PHP Jabbers Car Rental Script v3.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Car Rental Script
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Car Rental Script
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Car Rental Script
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Car Rental Script
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Car Rental Script
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Car Rental Script
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Car Rental Script
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Car Rental Script
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy