CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-0339: code-projects Online Bike Rental HTTP GET Request vehical-details.php cross site scripting

5.3 CVSS

Description

A vulnerability classified as problematic has been found in code-projects Online Bike Rental 1.0. Affected is an unknown function of the file /vehical-details.php of the component HTTP GET Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Es wurde eine problematische Schwachstelle in code-projects Online Bike Rental 1.0 entdeckt. Hiervon betroffen ist ein unbekannter Codeblock der Datei /vehical-details.php der Komponente HTTP GET Request Handler. Durch Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden.

Classification

CVE ID: CVE-2025-0339

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.3

Affected Products

Vendor: code-projects

Product: Online Bike Rental

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.82% (scored less or equal to compared to others)

EPSS Date: 2025-02-07 (when was this score calculated)

References

https://vuldb.com/?id.290826
https://vuldb.com/?ctiid.290826
https://vuldb.com/?submit.475731
https://code-projects.org/

Timeline

2025-01-10 00:31:13 UTC
CVE

code-projects Online Bike Rental HTTP GET Request vehical-details.php cross site scripting