Ghostxbh Uzy-SSM-Mall Unrestricted File Upload Vulnerability

A critical vulnerability allowing unrestricted file uploads has been identified in Ghostxbh Uzy-SSM-Mall version 1.0.0. The issue resides in the file '/mall/user/uploadUserHeadImage', where the 'File' argument is manipulated to bypass upload restrictions. This vulnerability can be exploited remotely, and an available exploit has been publicly disclosed.

Impact

Exploitation of this vulnerability allows attackers to upload malicious files to the server, potentially leading to remote code execution.

Reproduction

To reproduce this vulnerability, log into the application and navigate to the user profile section where avatar uploads are managed. Use the upload feature to send a file through the '/mall/user/uploadUserHeadImage' endpoint. The uploaded file can be a web shell, such as a JSP file, which could then be executed on the server.