{"vulnerability": "CVE-2024-57487", "sightings": [{"uuid": "fed872c0-1684-47e5-bfef-2363b2db1a33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57487", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113822087650712773", "content": "", "creation_timestamp": "2025-01-13T16:53:46.654383Z"}, {"uuid": "5c131a4b-9308-4041-bf47-f645b0e6b823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57487", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113822087664903605", "content": "", "creation_timestamp": "2025-01-13T16:53:48.082131Z"}, {"uuid": "ec3fdcf9-d1b8-42be-aa01-788686ea551e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57487", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1378", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57488\n\ud83d\udd39 Description: Code-Projects Online Car Rental System 1.0 is vulnerable to Cross Site Scripting (XSS) via the vehicalorcview parameter in /admin/edit-vehicle.php.\n\ud83d\udccf Published: 2025-01-13T00:00:00\n\ud83d\udccf Modified: 2025-01-13T19:36:46.132Z\n\ud83d\udd17 References:\n1. https://code-projects.org/online-car-rental-using-php-source-code/\n2. https://github.com/aaryan-11-x/CVE-2024-57487-and-CVE-2024-57488", "creation_timestamp": "2025-01-13T20:07:37.000000Z"}, {"uuid": "0fe92186-accb-4d88-8788-94b493f7d989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57487", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "7ba8286b-b4ce-4742-8eea-ec9b2c110dec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57487", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lp5vioermp2a", "content": "", "creation_timestamp": "2025-05-14T21:02:25.096056Z"}, {"uuid": "a1f0e372-8651-4096-a9d8-0e49a86c67c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57487", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/carrental_fileupload_rce.rb", "content": "", "creation_timestamp": "2025-05-14T06:10:17.000000Z"}, {"uuid": "989ad4b8-36de-4d3f-8d0b-398e143e5607", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57487", "type": "published-proof-of-concept", "source": "Telegram/QXMR7F2jdeVfadE0UadP_87cUoa84idsq_cIO-k-scJwjtY", "content": "", "creation_timestamp": "2025-01-10T22:00:05.000000Z"}, {"uuid": "f5c35b4e-13cc-4914-9cb4-e51b79752e19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57487", "type": "seen", "source": "https://t.me/cvedetector/15159", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57487 - \"Code-Projects Online Car Rental File Upload Code Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-57487 \nPublished : Jan. 13, 2025, 5:15 p.m. | 20\u00a0minutes ago \nDescription : In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file extensions or MIME types allowing an attacker to upload a PHP shell without any restrictions and execute commands on the server. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T18:45:00.000000Z"}]}