CVE-2017-17637
Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.
Date published : 2017-12-13
https://www.exploit-db.com/exploits/43308/
https://packetstormsecurity.com/files/145349/Car-Rental-Script-2.0.4-SQL-Injection.html