Campcodes Advanced Online Voting Management System Unrestricted File Upload Vulnerability Leading to Remote Code Execution

Vulnerability

A critical arbitrary file upload vulnerability has been identified in Campcodes Advanced Online Voting Management System version 1.0. The issue resides in the file '/admin/voters_add.php', where the application fails to properly validate or sanitize the 'photo' parameter during file uploads. This weakness allows authenticated administrators to upload malicious files, such as PHP web shells, which can be executed remotely, leading to unauthorized access and control over the server.

Impact

Exploitation of this vulnerability allows for remote code execution on the server, with the potential for full system compromise. Uploaded PHP files can be executed via the web, and the vulnerability could be exploited to bypass authentication mechanisms, especially if default or weak credentials are used.

Reproduction

To reproduce this vulnerability, log into the admin panel with valid credentials. Navigate to the 'Add Voter' page and upload a malicious PHP file through the photo upload field. After submitting the form, the uploaded file can be accessed from the 'images' directory, where it will execute any PHP code, such as a PHP info command, on the server.

Remediation

It is recommended to implement proper file validation by restricting uploads to safe image formats, verifying MIME types and file content, and renaming uploaded files to prevent predictable access paths.
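One way to implement the checks recommended above, shown as an added example (it is not Campcodes code and not part of the original advisory). The function names, the size limit and the allowlist are assumptions, and PHP's fileinfo extension is assumed to be enabled.

```php
<?php
declare(strict_types=1);

// Allowlist: MIME type detected from file content => extension used on disk.
const ALLOWED_IMAGE_TYPES = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];
const MAX_PHOTO_BYTES = 2 * 1024 * 1024; // assumed limit, not from the advisory

// Decide the stored extension from file content only; null means reject.
// The client-supplied file name and Content-Type are never consulted.
function detect_image_extension(string $path): ?string
{
    $size = filesize($path);
    if ($size === false || $size === 0 || $size > MAX_PHOTO_BYTES) {
        return null;
    }
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($path);
    if ($mime === false || !array_key_exists($mime, ALLOWED_IMAGE_TYPES)) {
        return null;
    }
    // The header must also parse as an image of the same type.
    $info = @getimagesize($path);
    if ($info === false || $info['mime'] !== $mime) {
        return null;
    }
    return ALLOWED_IMAGE_TYPES[$mime];
}

// Validate one entry of $_FILES and store it under a server-chosen name.
function store_voter_photo(array $file, string $destDir): string
{
    $tmp = $file['tmp_name'] ?? null;
    if (!is_string($tmp) || ($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($tmp)) {
        throw new RuntimeException('upload failed');
    }
    $ext = detect_image_extension($tmp);
    if ($ext === null) {
        throw new RuntimeException('file is not an allowed image');
    }
    // Random name plus allowlisted extension: nothing attacker-chosen reaches the path.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($tmp, $destDir . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    return $name;
}
```

A handler would call `store_voter_photo($_FILES['photo'], $imagesDir)`, where `$imagesDir` is a placeholder for the application's upload directory, and save the returned name with the voter record instead of the original file name.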

Added: Oct 8, 2025, 12:19 AM
Updated: Oct 8, 2025, 12:19 AM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 10.0
exploitability: 6.3
remediation: 0.0
relevance: 0.7
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.