Vulnerability Details CVE-2020-29287
An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.024
EPSS Ranking 84.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://github.com/BigTiger2020/Car-Rental-Management-System/blob/main/README.md
- https://www.exploit-db.com/exploits/49056
- https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html
- https://github.com/BigTiger2020/Car-Rental-Management-System/blob/main/README.md
- https://www.exploit-db.com/exploits/49056
- https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html
Products affected by CVE-2020-29287
-
cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0