CVE-2025-60306
CriticalCVSS 9.9Exploitation Probability (EPSS)
Low risk28th percentile - higher than 28% of all known CVEs
Summary
In Simple Car Rental System 1.0, a permission bypass issue allows low privilege users to forge high privilege sessions and perform sensitive operations.
Risk Assessment
The risk is that unauthorized users can gain access to administrative functions, potentially leading to data confidentiality and integrity breaches and unauthorized actions within the system.
Recommendation
It is recommended to immediately update the system to the latest version or apply security patches from the vendor, and implement session-based authentication and authorization mechanisms.
Original NVD description (English source)
code-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perform sensitive operations.

