Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2024-57487
- EPSS 35.37%
- Published 13.01.2025 17:15:17
- Last modified 03.04.2025 18:48:41
In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file extensions or MIME types allowing an attacker to upload a PHP shell without any restrictions and execute commands on the server.
6.5
CVE-2024-57488
- EPSS 0.02%
- Published 13.01.2025 17:15:17
- Last modified 03.04.2025 18:44:37
Code-Projects Online Car Rental System 1.0 is vulnerable to Cross Site Scripting (XSS) via the vehicalorcview parameter in /admin/edit-vehicle.php.
1