Newbee Mall Plus Unrestricted File Upload Vulnerability in Upload Controller

Vulnerability

A vulnerability allowing arbitrary file uploads has been identified in Newbee Mall Plus version 2.0.0. The issue resides in the UploadController.java file, specifically within the Product Information Edit Page component. The vulnerability arises because the upload function does not validate file extensions on the server side, so the only restriction is enforced in the browser; attackers can bypass that front-end check and upload potentially harmful files. This flaw could be exploited remotely and may lead to more severe consequences, such as executing malicious code on the server.

Impact

Exploitation of this vulnerability allows for unrestricted file uploads, which could be used to upload malicious files that are processed by the application, potentially leading to code execution.

Reproduction

To reproduce this vulnerability, access the Product Information Edit Page and click the button to upload a product image. Select an image file and use a tool like Burp Suite to intercept the upload request. Modify the 'filename' parameter to include a JSP file extension and inject malicious code into the file. After uploading, the file will be saved and can be accessed through the product management page, where the uploaded JSP file will be present on the server.
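The root cause in the Vulnerability and Reproduction sections above is that the controller trusts the client-supplied 'filename' and its extension. The following is an added example, not code from Newbee Mall Plus or its UploadController.java, showing the server-side check that is missing: a standalone Java 17 class (the class, method and field names are assumptions) that keeps only the last path segment of the client name, enforces an image-extension allowlist, confirms the first bytes match the signature of that image type, and stores the file under a server-generated name so the client name never reaches the filesystem. Spring's MultipartFile is deliberately not used so the example needs only the JDK; in a real controller the byte array would come from MultipartFile.getBytes().

```java
import java.nio.charset.StandardCharsets;
import java.nio.file.InvalidPathException;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.Locale;
import java.util.Set;
import java.util.UUID;

/**
 * Hypothetical server-side guard for a product-image upload endpoint.
 * Added example; not the project's code. All names here are assumptions.
 */
public final class ImageUploadGuard {

    // Allowlist of extensions the product-image endpoint should accept.
    private static final Set<String> ALLOWED_EXTENSIONS = Set.of("jpg", "jpeg", "png", "gif");

    // Leading bytes (magic numbers) of the allowed image formats.
    private static final byte[] JPEG = {(byte) 0xFF, (byte) 0xD8, (byte) 0xFF};
    private static final byte[] PNG  = {(byte) 0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A};
    private static final byte[] GIF  = {'G', 'I', 'F', '8'};

    /** Outcome of validation: a server-chosen stored name on success, a reason on rejection. */
    public record Decision(boolean accepted, String storedName, String reason) {}

    public static Decision validate(String clientFileName, byte[] content) {
        if (clientFileName == null || clientFileName.isBlank()) {
            return new Decision(false, null, "missing filename");
        }
        // The client name is untrusted: keep only the last path segment and reject
        // names the filesystem layer cannot even parse (e.g. embedded NUL bytes).
        String base;
        try {
            base = Paths.get(clientFileName).getFileName().toString();
        } catch (InvalidPathException e) {
            return new Decision(false, null, "unparseable filename");
        }
        int dot = base.lastIndexOf('.');
        if (dot < 0 || dot == base.length() - 1) {
            return new Decision(false, null, "no extension");
        }
        // Only the final extension counts, so "a.png.jsp" is judged as "jsp".
        String ext = base.substring(dot + 1).toLowerCase(Locale.ROOT);
        if (!ALLOWED_EXTENSIONS.contains(ext)) {
            return new Decision(false, null, "extension not allowed: " + ext);
        }
        if (!matchesMagic(ext, content)) {
            return new Decision(false, null, "content does not start with a " + ext + " signature");
        }
        // Never reuse the client name on disk: generate it server-side with the validated extension.
        String stored = UUID.randomUUID().toString().replace("-", "") + "." + ext;
        return new Decision(true, stored, null);
    }

    private static boolean matchesMagic(String ext, byte[] content) {
        byte[] expected = switch (ext) {
            case "jpg", "jpeg" -> JPEG;
            case "png" -> PNG;
            case "gif" -> GIF;
            default -> null;
        };
        if (expected == null || content == null || content.length < expected.length) {
            return false;
        }
        return Arrays.equals(Arrays.copyOf(content, expected.length), expected);
    }

    public static void main(String[] args) {
        // Constructed sample inputs: a minimal PNG header and some non-image bytes.
        byte[] png = {(byte) 0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A, 0, 0};
        byte[] text = "not an image".getBytes(StandardCharsets.UTF_8);

        System.out.println(validate("photo.png", png));        // accepted, random stored name
        System.out.println(validate("photo.jsp", text));       // rejected: extension not allowed
        System.out.println(validate("photo.png.jsp", png));    // rejected: final extension is jsp
        System.out.println(validate("photo.png", text));       // rejected: bytes are not a PNG
        System.out.println(validate("../../evil.png", png));   // accepted, but path segment dropped and renamed
    }
}
```

The extension allowlist alone blocks the renamed-filename case from the Reproduction section; the signature check and the server-generated stored name are the additional layers that keep a mislabelled or path-manipulated upload from being written anywhere the application might later serve as code.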

Added: Dec 30, 2025, 10:17 PM
Updated: Dec 30, 2025, 11:56 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 6.6
remediation: 0.0
relevance: 1.6
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.