Needyamin Library Card System Unrestricted File Upload Vulnerability in Signup.php
Vulnerability
Needyamin Library Card System version 1.0 contains an unrestricted file upload vulnerability in the 'Add Picture' feature of 'signup.php'. The upload handler does not restrict the type or extension of the submitted file, and uploaded files are stored in the web-accessible 'images' directory. The issue is exploitable remotely and can lead to web shell installation and remote code execution, and from there to malware distribution, data breaches, denial-of-service conditions, and reputational damage to the operator.
Impact
An attacker can upload arbitrary content, including a PHP web shell, through the 'Add Picture' feature. Because uploaded files are written to the web-accessible 'images' directory and served by the same web server that runs the application, requesting the uploaded file by URL executes it, giving the attacker remote code execution with the web server's privileges. From that position the attacker can read or modify the application's data, host malware on the server for distribution to other victims, or fill the disk and consume processing capacity to cause a denial of service.
Reproduction
To confirm the issue, open 'signup.php' and submit the form with a non-image file in the 'Add Picture' field (for testing, a PHP file that only outputs a harmless marker is sufficient). The server accepts the file without checking its type or extension and stores it under the 'images' directory, from which it can be requested directly by URL. If the server executes PHP in that directory, the request runs the uploaded file; this is the path by which a web shell would be executed.
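The root cause is a handler that moves the uploaded file into 'images' under its client-supplied name without validation. The following is an added example written for this page, not code from Needyamin Library Card System, showing how such a handler should be hardened. It assumes the form field is named 'picture' and that the storage directory is './images'; both names are assumptions.

```php
<?php
// Added example, not the project's code: a hardened "Add Picture" upload
// handler. Assumed names: form field "picture", storage directory ./images.
declare(strict_types=1);

const UPLOAD_DIR = __DIR__ . '/images';   // assumed storage directory
const MAX_BYTES  = 2 * 1024 * 1024;       // 2 MiB size cap
const ALLOWED    = [                      // detected MIME type => extension we write
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

/**
 * Validate one entry from $_FILES and move it into UPLOAD_DIR.
 * Returns the server-chosen filename; throws RuntimeException on any failure.
 */
function storePicture(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed, error code ' . (int) $file['error']);
    }
    if ((int) $file['size'] > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an uploaded file');
    }

    // Decide the type from the file contents, never from the client-supplied
    // name or from $file['type'], both of which the attacker controls.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if (!isset(ALLOWED[$mime])) {
        throw new RuntimeException('unsupported content type: ' . $mime);
    }
    // getimagesize() rejects files that only carry an image-like header.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('not a valid image');
    }

    // Server-chosen name: random, fixed extension, no path components, so the
    // original name (e.g. "shell.php") never reaches the filesystem.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];
    $dest = UPLOAD_DIR . DIRECTORY_SEPARATOR . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0644);   // readable by the web server, not executable
    return $name;
}

if (isset($_FILES['picture'])) {
    try {
        $stored = storePicture($_FILES['picture']);
        echo 'stored as ' . htmlspecialchars($stored, ENT_QUOTES, 'UTF-8');
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo 'rejected: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
    }
}
```

Validation in the handler is only half of the fix. Even a correctly validated image directory should not be able to execute scripts: disable the PHP engine for the 'images' path in the web server configuration (for Apache, `php_flag engine off` or `RemoveHandler .php` in that directory; for nginx, serve the directory without passing requests to PHP-FPM), or store uploads outside the document root and serve them through a script that sets the Content-Type from the stored extension. With both layers in place, a file that slips past validation still cannot be executed by requesting its URL.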
