CVE-2024-57487

Published: Jan 13, 2025

Modified: Jan 13, 2025

PUBLISHED

Description

In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file extensions or MIME types allowing an attacker to upload a PHP shell without any restrictions and execute commands on the server.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://code-projects.org/online-car-rental-using-php-source-code/

https://github.com/aaryan-11-x/CVE-2024-57487-and-CVE-2024-57488

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-57487

Description

Affected Products

References