CVE Details
Basic Information
| Title | code-projects Simple Car Rental System approve.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-12T13:32:04.987Z |
| Modified | 2025-07-12T13:32:04.987Z |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Simple Car Rental System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability in the approve.php file of the Simple Car Rental System allows remote attackers to inject malicious SQL code, potentially leading to data tampering and unauthorized access. The vulnerability is considered critical and has a publicly disclosed exploit. |
|---|---|
| AI Severity | Medium |
| AI Vendor | code-projects |
| AI Product | Simple Car Rental System |
| AI Version | 1.0 |
Affected Products
- code-projects Simple Car Rental System 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. This vulnerability affects unknown code of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.