Back to CVE Browser

CVE-2017-17637

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0570%

EPSS Percentile41.75th

PublishedDec 13, 2017

Last ModifiedMay 13, 2026

Vulnerability Description

Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.

Affected Platforms (CPE)

📦

Car Rental Script Project

Car Rental Script

= 2.0.4

References & Advisories

🔗 https://packetstormsecurity.com/files/145349/Car-Rental-Script-2.0.4-SQL-Injection.html

🔗 https://www.exploit-db.com/exploits/43308/

🔗 https://packetstormsecurity.com/files/145349/Car-Rental-Script-2.0.4-SQL-Injection.html

🔗 https://www.exploit-db.com/exploits/43308/

Related Vulnerabilities

CVE-2017-179069.8

PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.

CVE-2018-206488.8

PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php.

CVE-2017-179058.8

PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php.

CVE-2010-06317.5

Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote at...