PT-2025-44777 · Unknown · Car-Booking-System-Php

Published

2025-11-03

Updated

2025-11-07

CVE-2025-63450

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Car-Booking-System-PHP version 1.0

Description Car-Booking-System-PHP version 1.0 is susceptible to Cross Site Scripting (XSS) in the /carlux/booking.php file. The issue allows for the injection of malicious scripts through the vulnerable endpoint. The vulnerable parameter is not specified.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the /carlux/booking.php file until a patch is available.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-63450

Affected Products

Car-Booking-System-Php

PT-2025-44777 · Unknown · Car-Booking-System-Php

CVE-2025-63450

Weakness Enumeration

Related Identifiers

Affected Products

References · 6