VYPR
Unrated severityNVD Advisory· Published Apr 6, 2020· Updated Aug 4, 2024

CVE-2020-11544

CVE-2020-11544

Description

An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via add_cars.php. There are no upload restrictions for executable files.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.