Code-Projects Content Management System and News-Buzz Unrestricted File Upload Vulnerability

Vulnerability

A vulnerability allowing arbitrary file upload has been identified in Code-Projects Content Management System and News-Buzz version 1.0. This issue arises in the file /admin/editposts.php, where the image argument can be manipulated to bypass file type restrictions. The vulnerability can be exploited remotely, allowing attackers to upload malicious scripts that could be executed on the server, potentially leading to unauthorized control, data theft, or further attacks on system security.

Impact

Exploitation of this vulnerability allows for unrestricted file uploads, which can be used to upload and execute malicious scripts on the server. This could result in unauthorized server control, data theft, or additional attacks that compromise system security.

Reproduction

To reproduce this vulnerability, send a POST request to /NEWS-BUZZ/admin/editposts.php with the image argument manipulated to include a file named '111.php'. Change the Content-Type to 'image/gif' to bypass file type detection. Once the file is uploaded, it can be accessed through the 'allpostpics' directory and executed as a web shell.
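The bypass above works because the upload is accepted on the strength of the client-supplied Content-Type and the client's file name is kept on disk. The following is an added example of a hardened handler, not code from Code-Projects or from this advisory; the function name store_post_image(), the 2 MB limit and the upload directory path are assumptions, and only the form field name "image" and the 'allpostpics' directory name come from the text.

```php
<?php
// Added example: hypothetical hardened upload handler, not the project's source.
// Assumed names: store_post_image(), ALLOWED_IMAGE_TYPES, the 2 MB size limit.

const ALLOWED_IMAGE_TYPES = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

function store_post_image(array $file, string $uploadDir): string
{
    // Reject failed uploads and paths that did not come from this HTTP request.
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Upload failed');
    }
    if ($file['size'] > 2 * 1024 * 1024) {
        throw new RuntimeException('File too large');
    }

    // $file['type'] is the request's Content-Type value and is never consulted.
    // The type is detected from the file's own bytes instead.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = (string) $finfo->file($file['tmp_name']);
    $ext   = ALLOWED_IMAGE_TYPES[$mime] ?? null;
    if ($ext === null || getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('Not an allowed image');
    }

    // Server-chosen name and extension: a client name such as "111.php"
    // never reaches disk, so even an image with embedded script text is
    // stored under an image extension.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = rtrim($uploadDir, '/') . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    chmod($dest, 0644);
    return $name; // persist this value with the post, not $file['name']
}

// Usage in the request handler (directory location is an assumption):
// $stored = store_post_image($_FILES['image'], __DIR__ . '/../allpostpics');
```

Disabling script execution for the upload directory in the web server configuration, or storing uploads outside the web root, gives a second layer if a check like this is ever bypassed.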

Added: Dec 29, 2025, 5:23 PM
Updated: Dec 29, 2025, 5:23 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 10.0
exploitability: 9.7
remediation: 0.0
relevance: 1.6
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.