CVE-2020-24195

CVE-2020-24195

EPSS 2.9%

An Arbitrary File Upload in the Upload Image component in Sourcecodester Online Bike Rental v1.0 allows authenticated administrator to conduct remote code execution.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://packetstormsecurity.com/files/158704/Online-Bike-Rental-1.0-Shell-Upload.html https://www.sourcecodester.com/php/14374/online-bike-rental-phpmysql.html