CVE-2020-29227

Name of the Vulnerable Software and Affected Versions Car Rental Management System version 1.0

Description An issue was discovered in the Car Rental Management System where an unauthenticated user can perform a file inclusion attack against the "/index.php" file with a partial filename in the page parameter. This can cause local file inclusion, resulting in code execution.

Recommendations For Car Rental Management System version 1.0, as a temporary workaround, consider restricting access to the /index.php file or validating and sanitizing the page parameter to prevent malicious input. Additionally, avoid using partial filenames in the page parameter until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.