CVE-2024-57487

Medium CVSS: 6.5

In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file extensions or MIME types allowing an attacker to upload a PHP shell without any restrictions and execute commands on the server.

Vendor

Code-projects

Product

Online Car Rental System

CWE

CWE-94

Yayın Tarihi

2025-01-13 17:15:17

Güncelleme

2025-04-03 18:48:41

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-94 Online Car Rental System MEDIUM Code-projects 2025

Referanslar

https://code-projects.org/online-car-rental-using-php-source-code/ https://github.com/aaryan-11-x/CVE-2024-57487-and-CVE-2024-57488

Benzer Kayıtlar

Medium

CVE-2026-5256

A flaw has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /m…

Medium

CVE-2026-5257

A vulnerability has been found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of…

Medium

CVE-2026-5255

A vulnerability was detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /delst…

Medium

CVE-2026-5106

A flaw has been found in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file…

Medium

CVE-2026-4908

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unknown function of the…

Medium

CVE-2026-4849

A vulnerability was identified in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file…