Projectworlds: Security Vulnerabilities
Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters (account.php), uname and pass parameters (login.php), and id parameter (book_car.php) This allows an attacker to dump the MySQL database and to bypass the login authentication prompt.
CVSS Score
9.8
EPSS Score
0.001
Published
2020-04-06
Page 22