PT-2025-44779 · Unknown · Car-Booking-System-Php
Published
2025-11-03
·
Updated
2025-11-08
·
CVE-2025-63452
CVSS v3.1
9.4
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L |
Name of the Vulnerable Software and Affected Versions
Car-Booking-System-PHP version 1.0
Description
Car-Booking-System-PHP version 1.0 is susceptible to SQL Injection in the
/carlux/forgot-pass.php file. The vulnerability exists due to insufficient input validation when handling user-supplied data. The vulnerable parameter is not specified.Recommendations
Apply input validation and sanitization to all user-supplied data used in SQL queries within the
/carlux/forgot-pass.php file.Exploit
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Car-Booking-System-Php