CVE-2024-11632 | code-projects Simple Car Rental System 1.0 /book_car.php fname/id_no/gender/email/phone/location sql injection

A vulnerability was found in code-projects Simple Car Rental System 1.0. It has been classified as critical. Affected is an unknown function of the file /book_car.php. The manipulation of the argument fname/id_no/gender/email/phone/location leads to sql injection.

This vulnerability is traded as CVE-2024-11632. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The initial researcher advisory only mentions the parameter “fname” to be affected. Further analysis indicates that other arguments might be affected as well.

CVE-2024-11632 | code-projects Simple Car Rental System 1.0 /book_car.php fname/id_no/gender/email/phone/location sql injection

Related Posts

CVE-2024-33748 | MvnRepository MS Basic up to 2.1.18.3 Search cross site scripting

CVE-2023-51782 | Linux Kernel up to 6.6.7 net/rose/af_rose.c rose_ioctl use after free

CVE-2023-6837 | WSO2 API Manager/Identity Server/IS as Key Manager JIT Provisioning improper authentication

CVE-2023-47846 | Terry Lin WP Githuber MD Plugin up to 1.16.2 on WordPress unrestricted upload