CampCodes Computer Laboratory Management System Unrestricted File Upload Vulnerability Allowing Remote Code Execution

Vulnerability

A critical vulnerability exists in CampCodes Computer Laboratory Management System version 1.0, specifically within the file '/class/edit/edit'. The issue arises from an unrestricted file upload feature, where the 'e_photo' argument can be manipulated to upload arbitrary files. This vulnerability can be exploited remotely, leading to unauthorized code execution on the server.

Impact

Exploitation of this vulnerability allows for arbitrary file uploads, which can be used to execute malicious code on the server, potentially leading to a full compromise of the web application or server.

Reproduction

To reproduce this vulnerability, send a POST request to '/LabManagement/class/edit/edit' with the 'e_photo' field containing a crafted file, such as a PHP script, disguised as an image. Include the necessary form data to complete the upload, such as 'e_number', 'e_id', and 'key'. The uploaded file will be executed on the server, demonstrating the remote code execution impact.
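The root cause described above is that the 'e_photo' upload accepts whatever the client sends, so the server ends up writing an attacker-named, attacker-typed file into a web-served directory. The following is an added example, not CampCodes code and not taken from the vulnerable handler (which the advisory does not show), of how a PHP edit handler can accept 'e_photo' safely. It assumes a storage directory outside the web root (UPLOAD_DIR is a placeholder) and that the application only ever needs JPEG, PNG or GIF photos.

```php
<?php
// Added example (not the CampCodes code): hardened handling for the 'e_photo'
// form field. Assumptions: $_FILES['e_photo'] carries the upload, and
// UPLOAD_DIR is a directory that is not served by the web server (or has
// script execution disabled), so a stored file can never be run as PHP.

declare(strict_types=1);

const UPLOAD_DIR = __DIR__ . '/../storage/photos'; // assumption: not web-served
const MAX_BYTES  = 2 * 1024 * 1024;                // 2 MiB cap for a photo

// Content-detected MIME type -> extension the server will assign.
// The client-supplied filename and Content-Type are never consulted.
const ALLOWED_TYPES = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

/**
 * Validate one uploaded photo and move it into storage under a
 * server-chosen name. Returns the stored filename; throws on any rejection.
 */
function storePhoto(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload missing or failed');
    }
    // Only operate on a file PHP itself received in this request.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an uploaded file');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    // Determine the type from the bytes, not from the name the client chose.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if (!isset(ALLOWED_TYPES[$mime])) {
        throw new RuntimeException('unsupported type: ' . $mime);
    }
    // Cheap sanity check that the data decodes as an image. This is not a
    // security boundary on its own (image/script polyglots exist); the
    // server-assigned extension and non-executable storage below are.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('not a valid image');
    }
    // Random name plus an extension derived from the detected type, so
    // names like 'x.php', 'x.php.jpg' or ones with path separators are irrelevant.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED_TYPES[$mime];
    $dest = UPLOAD_DIR . DIRECTORY_SEPARATOR . $name;
    if (!is_dir(UPLOAD_DIR) && !mkdir(UPLOAD_DIR, 0750, true)) {
        throw new RuntimeException('storage directory unavailable');
    }
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0640); // readable by the application, never executable
    return $name;
}

// Usage inside the edit handler (after the existing auth/CSRF checks):
try {
    $storedPhoto = storePhoto($_FILES['e_photo'] ?? []);
    // persist $storedPhoto against e_id / e_number as the application requires
} catch (RuntimeException $e) {
    http_response_code(400);
    echo 'photo rejected';
    exit;
}
```

Two properties do the real work here: the stored filename and extension are chosen by the server from content-sniffed type, and the file lands where the web server will not execute it. Even if a polyglot slips past the image checks, there is no path by which a request can reach it as PHP. Serving the photo back should go through a read-only handler (or a static directory with PHP disabled), not by exposing UPLOAD_DIR directly.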

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 10.0
exploitability: 5.8
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.