Car Rental Script

car_rental_script

Vendor: Car Rental Script Project • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-20648 1Car Rental Script Project 1Car Rental Script Nov 21, 2024 Mar 21, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php.
CVE-2018-20647 1Car Rental Script Project 1Car Rental Script Nov 21, 2024 Mar 21, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory.
CVE-2018-15182 1Car Rental Script Project 1Car Rental Script Nov 21, 2024 Aug 9, 2018 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields.
CVE-2018-6904 1Car Rental Script Project 1Car Rental Script Jun 17, 2026 Apr 12, 2018 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action.
CVE-2017-17907 1Car Rental Script Project 1Car Rental Script May 13, 2026 Dec 27, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter.
CVE-2017-17906 1Car Rental Script Project 1Car Rental Script May 13, 2026 Dec 27, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.
CVE-2017-17905 1Car Rental Script Project 1Car Rental Script May 13, 2026 Dec 27, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php.
CVE-2017-17637 1Car Rental Script Project 1Car Rental Script May 13, 2026 Dec 13, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.