CVE-2024-57487
published 2025-01-13CVE-2024-57487: In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file extensions or MIME types allowing an attacker to upload a PHP…
medium6.5CVSS 3.1
AVNACLPRNUINSUCLILAN
EXPLOIT
In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file extensions or MIME types allowing an attacker to upload a PHP shell without any restrictions and execute commands on the server.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| code-projects | online_car_rental_system | — | — |