CyberSec.Space Logo
Back to CVE Browser

CVE-2017-17906

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1360%
EPSS Percentile27.43th
PublishedDec 27, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.

Affected Platforms (CPE)

📦
Car Rental Script Project

Car Rental Script

= 2.0.8

References & Advisories

🔗 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Car-Rental-Script.md
🔗 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Car-Rental-Script.md

Related Vulnerabilities

CVE-2017-176379.8

Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.

CVE-2018-206488.8

PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php.

CVE-2017-179058.8

PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php.

CVE-2010-06317.5

Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote at...