{"id":8015,"date":"2025-07-12T08:48:51","date_gmt":"2025-07-12T08:48:51","guid":{"rendered":"http:\/\/localhost\/?p=8015"},"modified":"2025-07-12T08:48:51","modified_gmt":"2025-07-12T08:48:51","slug":"code-projects-simple-car-rental-system-payphp-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=8015","title":{"rendered":"code-projects Simple Car Rental System pay.php sql injection"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\ncode-projects Simple Car Rental System pay.php sql injection<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-12T12:32:05.947Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-12T12:32:05.947Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\ncode-projects<\/td>\n<\/tr>\n
Product<\/th>\nSimple Car Rental System<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n6.9 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA SQL injection vulnerability in the Simple Car Rental System allows remote attackers to inject malicious SQL code via the mpesa parameter in pay.php. This could lead to data tampering or unauthorized access. The vulnerability is critical and has a public exploit available.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
AI Vendor<\/th>\ncode-projects<\/td>\n<\/tr>\n
AI Product<\/th>\nSimple Car Rental System<\/td>\n<\/tr>\n
AI Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n