CodeProjects News Publishing Site Dashboard Unrestricted File Upload Vulnerability in Edit Category Page

A critical vulnerability allowing unrestricted file uploads has been identified in CodeProjects News Publishing Site Dashboard version 1.0. The issue arises in the Edit Category Page component, specifically within the file '/edit-category.php'. The vulnerability is triggered by manipulating the 'category_image' argument, which bypasses upload restrictions and may lead to remote code execution.

Impact

Exploitation of this vulnerability allows for unrestricted file uploads, which can be used to upload malicious scripts that may be executed on the server, potentially leading to remote code execution.

Reproduction

To reproduce this vulnerability, log into the application and navigate to the 'Edit Category' page. Once there, upload a file through the 'category_image' field. The upload process only checks the file's content type, not the actual file content, allowing a PHP file containing malicious code to be uploaded. After uploading, the malicious file can be executed by accessing it directly on the server.