An issue was discovered in Car Rental Management System 1.0. An unauthenticated user can perform a file inclusion attack against the /index.php file with a partial filename in the “page” parameter, to cause local file inclusion resulting in code execution.
CPE | Name | Operator | Version |
---|---|---|---|
car_rental_management_system | eq | 1.0 |