code-projects Online Lot Reservation System download.php readfile path traversal

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in code-projects Online Lot Reservation System up to 1.0. This affects the function readfile of the file /download.php. The manipulation of the argument File results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used.

Basic Information

ID CVE-2026-7132

Source VulDB

Published Apr 27, 2026 at 14:30

Affected Product

Vendor code-projects

Product Online Lot Reservation System

Version 1.0

Affected Versions code-projects Online Lot Reservation System 1.0

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "A vulnerability was found in code-projects Online Lot Reservation System up to 1.0. This affects the function readfile of the file /download.php. The manipulation of the argument File results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used.",
    "published": "2026-04-27T14:30:13.115Z",
    "modified": "2026-04-27T14:30:13.115Z",
    "type": "cve",
    "title": "code-projects Online Lot Reservation System download.php readfile path traversal",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/359731\nhttps://vuldb.com/vuln/359731/cti\nhttps://vuldb.com/submit/800979\nhttps://github.com/zzk6th/cve/issues/2\nhttps://code-projects.org/",
    "id": "CVE-2026-7132",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "code-projects Online Lot Reservation System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Online Lot Reservation System",
    "version": "1.0",
    "vendor": "code-projects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

code-projects Online Lot Reservation System download.php readfile path traversal_CVE-2026-7132