CVE-2024-12981

Name of the Vulnerable Software and Affected Versions CodeAstro Car Rental System version 1.0

Description A critical issue has been found in the CodeAstro Car Rental System. The problem affects an unknown functionality of the file /bookingconfirm.php. The manipulation of the driver id from dropdown argument leads to SQL injection. This issue can be exploited remotely. Other parameters might also be affected.

Recommendations For CodeAstro Car Rental System version 1.0, as a temporary workaround, consider restricting access to the /bookingconfirm.php file until a patch is available. Additionally, avoid using the driver id from dropdown argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.