CVE-2026-5634 | projectworlds Car Rental Project 1.0 Parameter /book_car.php fname sql injection

Inserito da Angelo Barbosa | Apr 5, 2026 | CVE

A vulnerability has been found in projectworlds Car Rental Project 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /book_car.php of the component Parameter Handler. The manipulation of the argument fname leads to sql injection.

This vulnerability is documented as CVE-2026-5634. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2026-5634 | projectworlds Car Rental Project 1.0 Parameter /book_car.php fname sql injection

Post correlati

CVE-2024-56087 | Logpoint up to 7.4.x Search Template Dashboard injection

CVE-2024-23673 | Apache Sling Servlets Resolver up to 2.10.x Script path traversal (SLING-12233)

CVE-2025-0037 | AMD Platform Loader and Manager PLM Runtime Service input validation

CVE-2025-8586 | libav up to 12.3 MPEG File Parser /libavformat/utils.c ff_seek_frame_binary null pointer dereference (ID 11681)