SQL Injection Vulnerability in Car Booking System PHP by Sanin-S1R3N
CVE-2025-63451

9.8CRITICAL

Key Information:

Vendor: Sanin-S1R3N
Status: Car-Booking-System-PHP
Vendor: CVE Published:; 3 November 2025

🔔 Create Sanin-S1R3N Vulnerability Alert

What is CVE-2025-63451?

The Car Booking System PHP version 1.0 features an SQL Injection vulnerability located in the '/carlux/sign-in.php' file. This flaw allows attackers to manipulate SQL queries through unvalidated user inputs, potentially compromising data integrity and confidentiality. It is crucial for users of this software to apply security patches or updates as they become available to mitigate the risk associated with this vulnerability.

References

https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-12

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 3, 2025
Vulnerability Reserved
Oct 27, 2025

JSON