CVE Catalog

CVE-2025-60306

CriticalCVSS 9.9
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.36%

28th percentile - higher than 28% of all known CVEs

Summary

In Simple Car Rental System 1.0, a permission bypass issue allows low privilege users to forge high privilege sessions and perform sensitive operations.

Risk Assessment

The risk is that unauthorized users can gain access to administrative functions, potentially leading to data confidentiality and integrity breaches and unauthorized actions within the system.

Recommendation

It is recommended to immediately update the system to the latest version or apply security patches from the vendor, and implement session-based authentication and authorization mechanisms.

Original NVD description (English source)

code-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perform sensitive operations.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS