module
Car Rental System 1.0 File Upload RCE (Authenticated)
| Disclosed |
|---|
| Jan 13, 2025 |
Disclosed
Jan 13, 2025
Description
This module exploits an authenticated remote code execution vulnerability in the
Online Car Rental System 1.0 via the `changeimage1.php` endpoint. An authenticated
attacker can upload malicious PHP scripts without proper validation, enabling
arbitrary code execution on the server.
Online Car Rental System 1.0 via the `changeimage1.php` endpoint. An authenticated
attacker can upload malicious PHP scripts without proper validation, enabling
arbitrary code execution on the server.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.