SourceCodester Real Estate Property Listing App Unrestricted File Upload Vulnerability

Vulnerability

A vulnerability allowing unrestricted file upload has been identified in SourceCodester Real Estate Property Listing App version 1.0. The issue resides in the file '/admin/property.php', where the 'image' parameter can be manipulated to upload arbitrary files. This vulnerability can be exploited remotely, potentially allowing an attacker to upload a web shell.

Impact

Exploitation of this vulnerability could lead to unauthorized file uploads, including the upload of malicious scripts that could be executed on the server, such as web shells.

Reproduction

To reproduce this vulnerability, log into the admin backend of the application. Navigate to the properties section and select a real estate item to edit. In the file upload section, upload a PHP file containing a simple backdoor script, such as one that executes a command or evaluates a PHP expression. After uploading the file, the application should redirect to the uploaded file's location, where the web shell can be accessed and executed.

Remediation

It is recommended to implement a file upload whitelist that only allows specific file types, such as JPG and PNG, to be uploaded.
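The following is an added example of what such a whitelist looks like in practice for the 'image' field; it is not the application's own code, and the field name, size limit and storage path are assumptions. It decides the type from the file bytes rather than the client-supplied name, generates a random server-chosen filename, and stores the file outside the web root so that whatever is uploaded can never be executed by the web server.

```php
<?php
// Hardened image upload handler for an admin form field named "image".
// Added example, not the application's own code; paths, limits and the
// field name are assumptions.

const ALLOWED = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
];
const MAX_BYTES = 5 * 1024 * 1024;
// Store outside the document root so uploads are never served as scripts.
const UPLOAD_DIR = __DIR__ . '/../../uploads_private';

function store_uploaded_image(array $file): string
{
    if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('File too large');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }
    // Determine the type from the bytes, not from $file['name'] or $file['type'],
    // both of which are chosen by the client.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if (!isset(ALLOWED[$mime])) {
        throw new RuntimeException('Only JPG and PNG images are accepted');
    }
    // Require that the file actually decodes as an image.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('File is not a valid image');
    }
    // Never reuse the client filename: random name, server-chosen extension.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];
    $dest = UPLOAD_DIR . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not save file');
    }
    chmod($dest, 0644); // not executable
    return $name;
}

// Usage in the property edit handler (assumed field name):
// $stored = store_uploaded_image($_FILES['image']);
// Serve later through a read-only script that sets Content-Type from ALLOWED.
```

Because the stored name is random and the directory is outside the web root, a file that slips past the checks still cannot be reached or executed by requesting its URL.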

Added: Dec 11, 2025, 6:33 PM
Updated: Dec 11, 2025, 8:39 PM

Vulnerability Rating

Custom Algorithm

  spread          0.0
  impact          7.5
  exploitability  6.6
  remediation     0.0
  relevance       1.3
  threat          6.4
  urgency         2.9
  incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.