CVE-2026-5637 | projectworlds Car Rental System 1.0 Parameter /message_admin.php Message sql injection

Inserito da Angelo Barbosa | Apr 5, 2026 | CVE

A vulnerability was found in projectworlds Car Rental System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /message_admin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection.

This vulnerability is traded as CVE-2026-5637. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2026-5637 | projectworlds Car Rental System 1.0 Parameter /message_admin.php Message sql injection

Post correlati

CVE-2025-7501 | Wonder Slider Lite Plugin up to 14.4 on WordPress Image Parser cross site scripting

CVE-2026-2987 | specialk Simple Ajax Chat Plugin up to 20260217 on WordPress c cross site scripting

CVE-2025-12357 | ISO 15118-2 Network and Application Protocol Requirements communication channel to intended endpoints (icsa-25-303-01)

CVE-2025-24526 | Mattermost up to 9.11.7/10.1.3/10.2.2/10.3.2/10.4.1 Archived Channel authorization