CVE Details
Basic Information
| Title | code-projects Car Rental System approve.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-30T10:32:06.005Z |
| Last Seen |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Car Rental System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A SQL injection vulnerability exists in the approve.php file of the Car Rental System 1.0. This allows remote attackers to inject malicious SQL code by manipulating the ID argument, potentially leading to unauthorized data access and modification. |
|---|---|
| AI Severity | Medium |
| Vendor | code-projects |
| Product | Car Rental System |
| Affected Version | 1.0 |
Affected Products
- code-projects Car Rental System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability was found in code-projects Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.