Vulnerabilities > CAR Rental Script Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2018-20648 | Cross-Site Request Forgery (CSRF) vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8 PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php. | 8.8 |
| 2019-03-21 | CVE-2018-20647 | Path Traversal vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8 PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory. | 6.5 |
| 2018-08-09 | CVE-2018-15182 | Cross-site Scripting vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8 PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields. | 5.4 |
| 2018-04-12 | CVE-2018-6904 | Cross-site Scripting vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8 PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action. | 5.4 |
| 2017-12-27 | CVE-2017-17907 | Cross-site Scripting vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8 PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter. | 6.1 |
| 2017-12-27 | CVE-2017-17906 | SQL Injection vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8 PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter. | 9.8 |
| 2017-12-27 | CVE-2017-17905 | Cross-Site Request Forgery (CSRF) vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8 PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php. | 8.8 |
| 2017-12-13 | CVE-2017-17637 | SQL Injection vulnerability in CAR Rental Script Project CAR Rental Script 2.0.4 Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter. | 9.8 |