
car rental script project car rental script

14 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2023-48837
all versions
Car Rental Script 3.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.
5.4 MEDIUM
CVE-2023-48836
all versions
Car Rental Script 3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_
5.4 MEDIUM
CVE-2023-48835
all versions
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
8.8 HIGH
CVE-2023-48834
all versions
A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource exhaustion.
7.5 HIGH
CVE-2023-40764
all versions
User enumeration is found in PHP Jabbers Car Rental Script v3.0. This issue occurs during password recovery, where a difference in
9.8 CRITICAL
CVE-2023-40754
all versions
In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or password (on the Profile Page) all
8.8 HIGH
CVE-2018-20648
all versions
PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php.
8.8 HIGH
CVE-2018-20647
all versions
PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as
6.5 MEDIUM
CVE-2018-15182
all versions
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields.
5.4 MEDIUM
CVE-2018-6904
all versions
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action.
5.4 MEDIUM
CVE-2017-17907
all versions
PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename pa
6.1 MEDIUM
CVE-2017-17906
all versions
PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.
9.8 CRITICAL
CVE-2017-17905
all versions
PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php.
8.8 HIGH
CVE-2017-17637
all versions
Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.
9.8 CRITICAL