Vulnerability Details CVE-2020-24195
An Arbitrary File Upload in the Upload Image component in Sourcecodester Online Bike Rental v1.0 allows authenticated administrator to conduct remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 84.0%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.5
References
- https://packetstormsecurity.com/files/158704/Online-Bike-Rental-1.0-Shell-Upload.html
- https://www.sourcecodester.com/php/14374/online-bike-rental-phpmysql.html
- https://packetstormsecurity.com/files/158704/Online-Bike-Rental-1.0-Shell-Upload.html
- https://www.sourcecodester.com/php/14374/online-bike-rental-phpmysql.html
Products affected by CVE-2020-24195
-
cpe:2.3:a:online_bike_rental_project:online_bike_rental:1.0