Needyamin Image Gallery Unrestricted File Upload Vulnerability in Cover Image Handler

Vulnerability

A critical unrestricted file upload vulnerability has been identified in Needyamin's Image Gallery version 1.0. The issue resides in the admin/gallery.php file, specifically within the Cover Image Handler component. This vulnerability allows remote attackers to upload arbitrary files without restriction, potentially leading to malware distribution, remote code execution, data breaches, denial-of-service conditions, web shell installation, and bypass of security controls.

Impact

Exploiting this vulnerability allows unrestricted file uploads, which could be used to place malicious files such as web shells on the server. This could lead to remote code execution on the server.

Reproduction

To reproduce this vulnerability, access the admin panel of the Needyamin Image Gallery application. Navigate to the 'Add Gallery' section in admin/gallery.php. The file upload feature does not validate file types or extensions, allowing any file to be uploaded. After uploading a file, it can be accessed through the application's file structure, typically under 'models/hacker/'.
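One way a defender would harden a cover-image upload handler of this kind, as an added example that is not the project's own code (the form field name, target directory and size limit are assumptions): derive the stored extension from the sniffed content rather than the client's file name, require the bytes to parse as an image, and store the file under a random server-chosen name.

```php
<?php
// Added example: a hardened cover-image upload handler, not the project's own
// admin/gallery.php. Field and directory names below are assumptions.
declare(strict_types=1);

const UPLOAD_FIELD = 'cover';                         // assumed form field name
const UPLOAD_DIR   = __DIR__ . '/../uploads/covers';  // assumed, served without script execution
const MAX_BYTES    = 2 * 1024 * 1024;                 // 2 MiB
// The stored extension comes from the sniffed MIME type, never from the client's file name.
const ALLOWED_TYPES = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
    'image/webp' => 'webp',
];

// Validate and store one uploaded cover image; returns the stored file name or throws.
function store_cover_image(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or missing');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('File too large');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }
    // Sniff the content with libmagic; $_FILES['type'] is client-controlled and ignored.
    $mime = (string) (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!array_key_exists($mime, ALLOWED_TYPES)) {
        throw new RuntimeException('Unsupported file type');
    }
    // Second, independent check: the bytes must parse as an image.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('Not a valid image');
    }
    // Random, server-chosen name: no client-controlled path or extension reaches disk.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED_TYPES[$mime];
    $dest = UPLOAD_DIR . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    chmod($dest, 0644); // never executable
    return $name;
}

// Usage inside the admin handler:
// $stored = store_cover_image($_FILES[UPLOAD_FIELD] ?? []);
```

The upload directory must also be served without script execution (for example through web server configuration), so that even a file which passes validation can never run as code.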

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 6.1
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.