Car Rental Script 3.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country...
5.4CVSS
5.7AI Score
0.0004EPSS
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export...
8.8CVSS
8.6AI Score
0.001EPSS
Car Rental Script 3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name...
5.4CVSS
5.2AI Score
0.0004EPSS
A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource...
7.5CVSS
7.4AI Score
0.001EPSS
User enumeration is found in PHP Jabbers Car Rental Script v3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid...
9.8CVSS
9.3AI Score
0.001EPSS
In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over...
8.8CVSS
8.7AI Score
0.001EPSS
A vulnerability classified as problematic has been found in GZ Scripts Car Rental Script 1.8. Affected is an unknown function of the file /EventBookingCalendar/load.php?controller=GzFront/action=checkout/cid=1/layout=calendar/show_header=T/local=3. The manipulation of the argument...
6.1CVSS
6AI Score
0.001EPSS
PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via...
8.8CVSS
8.8AI Score
0.001EPSS
PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/...
6.5CVSS
6.5AI Score
0.001EPSS
5.4CVSS
5.3AI Score
0.001EPSS
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile...
5.4CVSS
5.3AI Score
0.001EPSS
PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid...
9.8CVSS
9.9AI Score
0.002EPSS
PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename...
6.1CVSS
6AI Score
0.001EPSS
8.8CVSS
8.7AI Score
0.001EPSS
9.8CVSS
9.9AI Score
0.002EPSS
Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form to DB prior to version 1.5.7, Custom Admin Page prior to version 0.1.2, Custom Fields Search prior...
6.1CVSS
6.1AI Score
0.001EPSS
Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary SQL commands via the (1) users (username) and (2) passwords...
8.8AI Score
0.001EPSS