
CVE-2020-5509 PoC — PHPGurukul Car Rental Project Code Issue Vulnerability

Source
Associated Vulnerability
Title: PHPGurukul Car Rental Project Code Issue Vulnerability (CVE-2020-5509)
Description: PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image.
Description
Car Rental Project v.1.0 Remote Code Execution
Readme
#### CVE-2020-5509 - Remote Code Execution proof-of-concept

Proof of concept exploit for CVE-2020-5509

RCE in the Car Rental Project v.1.0 web application via authenticated arbitrary file upload

```
# Exploit Title: Car Rental Project v.1.0 Remote Code Execution
# Google Dork: N/A
# Date: 1/3/2020
# Exploit Author: FULLSHADE
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/car-rental-project-php-mysql-free-download/
# Version: 1.0
# Tested on: Windows
# CVE : CVE-2020-5509
```
#### Manual POC method

1. Visit carrental > admin login > changeimage1.php
2. Upload a php rce vulnerable payload
3. Visit /carrentalproject/carrental/admin/img/vehicleimages/<RCE>.php to visit your file
4. Execute commands on the server

#### Description

Car Rental Project v.1.0 is vulnerable to arbitrary file upload: an admin can change the image of a product, and the PHP code that handles the image change does not validate or otherwise care what type of file is submitted, which gives an attacker the ability to upload malicious files. This Python POC will execute arbitrary commands on the remote server.

![image of RCE](poc-rce.png)

#### Disclosure

```
>> Contacted company/author
>> No response
>> Requested CVE / public release
```
File Snapshot

```
[4.0K] /data/pocs/b8a0b9cb45c537104cf53346968d6e9c42623e61
├── [2.9K] CVE-2020-5509-rce-poc.py
├── [ 70K] poc-rce.png
└── [1.2K] README.md

0 directories, 3 files
```