SourceCodester Web-Based Pharmacy Product Management System Unrestricted File Upload Vulnerability in Photo Edit Feature

Vulnerability

A critical unrestricted file upload vulnerability has been identified in SourceCodester Web-Based Pharmacy Product Management System version 1.0. The flaw is in edit-photo.php: the Avatar parameter is not properly validated, so an attacker can upload arbitrary files, including server-side scripts, instead of only image files. The vulnerability is remotely exploitable over the web interface.

Impact

Exploitation can lead to remote code execution if the uploaded file lands in a web-accessible directory where the server executes PHP, to stored cross-site scripting if the server returns uploaded HTML or SVG content inline, and ultimately to complete compromise of the affected host.

Reproduction

To reproduce, open the photo edit feature of the application and submit a file through the Avatar input. Because the server does not check the content of the file, it accepts files that are not images, including PHP scripts given an image extension or a fake image header. If the upload directory is served by the web server with PHP execution enabled, requesting the uploaded file runs the script, giving remote code execution. Two conditions decide the real severity and should be confirmed while testing: that the stored file is reachable over HTTP, and that the server executes PHP in that directory.
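The following is an added example, not code from the SourceCodester project: a hardened avatar handler of the kind that should replace the unchecked upload in edit-photo.php. It assumes a form field named avatar and a target directory uploads/avatars/ (both hypothetical). Rather than trusting the client's filename or Content-Type, it detects the MIME type from the file content, decodes the file as an image, and writes a re-encoded copy under a random name, which discards a PHP payload appended to a valid image header (an image/PHP polyglot) as well as any user-controlled extension.

```php
<?php
// Added example (not the project's own code): hardened replacement for an
// avatar upload handler. The field name "avatar" and directory
// "uploads/avatars/" are assumptions; adjust them to the application.
// Requires PHP 8.0+ (match) and the GD and fileinfo extensions.

declare(strict_types=1);

// Allowed image types keyed by the MIME type detected from file content.
// The extension written to disk comes from this table, never from the client.
const ALLOWED_IMAGE_TYPES = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];
const MAX_AVATAR_BYTES = 2 * 1024 * 1024; // 2 MiB

/**
 * Validate an uploaded avatar and store a re-encoded copy under a random name.
 * Returns the stored filename, or throws RuntimeException on any failure.
 */
function storeAvatar(array $file, string $destDir): string
{
    // 1. Basic upload sanity checks.
    if (!isset($file['tmp_name'], $file['error'], $file['size'])
        || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or missing');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }
    if ($file['size'] > MAX_AVATAR_BYTES) {
        throw new RuntimeException('File too large');
    }

    // 2. Detect the type from content, not from $file['type'] or $file['name'].
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']) ?: 'unknown';
    if (!isset(ALLOWED_IMAGE_TYPES[$mime])) {
        throw new RuntimeException('Unsupported image type: ' . $mime);
    }

    // 3. Decode the file as an image. A PHP script with a fake extension fails
    //    here; a polyglot (valid image header + PHP appended) may still decode,
    //    so step 4 re-encodes it to keep only pixel data.
    $raw = file_get_contents($file['tmp_name']);
    $img = @imagecreatefromstring($raw);
    if ($img === false) {
        throw new RuntimeException('File is not a decodable image');
    }

    // 4. Re-encode to a fresh file under a random name. This drops appended
    //    payloads, EXIF and comment chunks (and animation, acceptable for avatars).
    $ext  = ALLOWED_IMAGE_TYPES[$mime];
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = rtrim($destDir, '/') . '/' . $name;
    $ok = match ($ext) {
        'jpg' => imagejpeg($img, $dest, 90),
        'png' => imagepng($img, $dest),
        'gif' => imagegif($img, $dest),
    };
    imagedestroy($img);
    if (!$ok) {
        throw new RuntimeException('Failed to write image');
    }
    chmod($dest, 0644); // never executable
    return $name;
}

// Example wiring for the edit-photo form (field name "avatar" is assumed).
if (PHP_SAPI !== 'cli' && $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['avatar'])) {
    try {
        $stored = storeAvatar($_FILES['avatar'], __DIR__ . '/uploads/avatars');
        // Persist $stored against the current user's record here.
        echo 'Stored as ' . htmlspecialchars($stored, ENT_QUOTES, 'UTF-8');
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo 'Avatar rejected';
        error_log('avatar upload rejected: ' . $e->getMessage());
    }
}
```

The re-encoding step is what makes the check robust: extension allowlists and getimagesize() alone both accept a GIF or JPEG with PHP appended after the image data, and such a file still executes if the web server treats it as PHP. Storing uploads outside the web root, or denying PHP execution in the upload directory, is still worth doing as defence in depth.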

Remediation

Users are advised to upgrade to version 1.1 or later. Until the upgrade is applied, temporary mitigations include: disabling the avatar upload; inspecting the upload directory for files that are not valid images or that contain PHP code; reviewing web server logs for requests to files under the upload directory; and configuring the web server so that nothing in the upload directory is executed as PHP (storing uploads outside the web root achieves the same with less room for misconfiguration).
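To support the "inspect the upload directory" mitigation, here is an added audit script (not part of the project) that walks an upload directory and reports files that should not be there: anything with a server-side executable extension (including double extensions such as shell.php.jpg), anything whose content is not a JPEG, PNG or GIF, any image that carries a PHP open tag inside it, and any .htaccess file for manual review. The default directory uploads/avatars/ is an assumption; pass the real path as the first argument.

```php
<?php
// Added example (not the project's own code): CLI audit of an existing upload
// directory for files that indicate a malicious upload. The default path is an
// assumption; run as:  php audit-uploads.php /var/www/app/uploads/avatars
// Requires PHP 8.0+ and the fileinfo extension.

declare(strict_types=1);

const EXEC_EXTENSIONS = ['php', 'php3', 'php4', 'php5', 'php7', 'php8', 'phtml', 'phar', 'phps'];
const IMAGE_MIME      = ['image/jpeg', 'image/png', 'image/gif'];

/**
 * Return a list of [path, reason] findings for every suspicious file under $dir.
 */
function auditUploadDir(string $dir): array
{
    $findings = [];
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS)
    );

    foreach ($it as $entry) {
        if (!$entry->isFile()) {
            continue;
        }
        $path  = $entry->getPathname();
        $lname = strtolower($entry->getFilename());
        $ext   = strtolower($entry->getExtension());

        // A .htaccess here is either the defender's deny rule or an attacker's
        // AddHandler trick; either way it needs eyes on it.
        if ($lname === '.htaccess') {
            $findings[] = [$path, 'review .htaccess in upload directory'];
            continue;
        }

        // Executable extension anywhere in the name, e.g. shell.php or shell.php.jpg
        // (the latter is executed by Apache configurations using AddHandler).
        foreach (EXEC_EXTENSIONS as $bad) {
            if ($ext === $bad || str_contains($lname, '.' . $bad . '.')) {
                $findings[] = [$path, "executable extension ($bad)"];
                continue 2;
            }
        }

        // The content must be a real image regardless of the extension.
        $mime = $finfo->file($path) ?: 'unknown';
        if (!in_array($mime, IMAGE_MIME, true)) {
            $findings[] = [$path, "non-image content ($mime)"];
            continue;
        }

        // Valid image header but PHP code inside: an image/PHP polyglot.
        $body = file_get_contents($path);
        if ($body !== false && preg_match('/<\?(php|=)/i', $body) === 1) {
            $findings[] = [$path, 'PHP open tag inside image'];
        }
    }
    return $findings;
}

if (PHP_SAPI === 'cli') {
    $dir = $argv[1] ?? __DIR__ . '/uploads/avatars';
    if (!is_dir($dir)) {
        fwrite(STDERR, "not a directory: $dir\n");
        exit(2);
    }
    $findings = auditUploadDir($dir);
    foreach ($findings as [$path, $why]) {
        printf("%-40s %s\n", $why, $path);
    }
    exit($findings === [] ? 0 : 1);
}
```

A hit on any file is a reason to treat the host as potentially compromised, not just to delete the file: check the web server access log for requests to that path and for what was requested afterwards. For the execution-blocking mitigation, the usual approach is an Apache rule in the upload directory such as a FilesMatch block for php/phtml/phar extensions with Require all denied (or php_flag engine off where mod_php is in use), or in nginx a nested location for the upload path that returns 403 for anything ending in .php; a directory outside the web root avoids the question entirely.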

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 6.6
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.