CVE-2024-57487 Information

Description

In Code-Projects Online Car Rental System 1.0 the file upload feature does not validate file extensions or MIME types allowing an attacker to upload a PHP shell without any restrictions and execute commands on the server.

Reference

https://code-projects.org/online-car-rental-using-php-source-code/ https://github.com/aaryan-11-x/CVE-2024-57487-and-CVE-2024-57488