| Title | https://github.com/yeqifu/carRental carRental 1.0 Use of Hard-coded Credentials |
|---|
| Description | A vulnerability classified as problematic was discovered in carRental v1.0. The affected component is the file src/main/webapp/WEB-INF/web.xml of Druid, with some unknown functions. The use of parameters loginUsername/loginPassword will result in the use of default credentials. Moreover, Druid does not require login permissions, allowing attacks to be initiated remotely and anonymously. |
|---|
| Source | ⚠️ https://github.com/caigo8/CVE-md/blob/main/carRentalV1.0/druid%E6%9C%AA%E6%8E%88%E6%9D%83.md |
|---|
| User | huanyue (UID 62942) |
|---|
| Submission | 08/13/2025 10:18 (8 months ago) |
|---|
| Moderation | 08/21/2025 08:15 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 320915 [yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3 Druid login.html hard-coded credentials] |
|---|
| Points | 19 |
|---|