Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Jettweb Hazir Rent A Car Scripti V4 - Unprotected Admin Panel Allows Data Theft
CVE-2019-25488
Summary
The Jettweb Hazir Rent A Car Scripti V4 has a security issue in its admin panel. Attackers can access sensitive information or disable the system by sending specific text to the admin website. To stay safe, update the script to a fixed version or contact the developer for assistance.
Original title
Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. At...
Original description
Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into the 'tur', 'id', and 'ozellikdil' parameters of the admin/index.php endpoint to extract sensitive database information or cause denial of service.
nvd CVSS3.1
8.2
nvd CVSS4.0
8.8
Vulnerability type
CWE-89
SQL Injection
Published: 12 Mar 2026 · Updated: 13 Mar 2026 · First seen: 12 Mar 2026