itsourcecode Content Management System File Upload Vulnerability Allowing Remote Code Execution

Vulnerability

A critical vulnerability has been identified in itsourcecode Content Management System version 1.0. The issue resides in the file '/admin/add_topic.php?category=BBS', where the 'Cover Image' argument is not properly validated, allowing for unrestricted file uploads. This vulnerability can be exploited remotely, and uploaded files can be executed within the application's environment, potentially leading to remote code execution.

Impact

Exploitation of this vulnerability allows for arbitrary file uploads, which can be executed as code on the server, leading to remote code execution.

Reproduction

To reproduce this vulnerability, upload a file through the '/admin/add_topic.php?category=BBS' endpoint. The application does not filter or sanitize the uploaded files, allowing dangerous file types to be uploaded. After uploading a PHP file, it can be executed by accessing it directly, for example, by uploading a file that contains a PHP payload and then navigating to the uploaded file's location on the server.
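The root cause described above is that the cover-image handler trusts the uploaded file as-is. The following is an added example of a hardened replacement for such a handler; it is not code from the itsourcecode CMS. It assumes the form field is named `cover_image`, that covers are stored under an `uploads/covers` directory, and that only JPEG, PNG and GIF covers are wanted (all three are assumptions, since the page does not give the original field name, path or accepted types).

```php
<?php
// Added example (not the CMS's own code): a hardened cover-image upload handler.
// Assumptions: form field 'cover_image', storage directory passed as $uploadDir,
// and a JPEG/PNG/GIF allowlist. None of these come from the original project.

declare(strict_types=1);

const MAX_BYTES = 2 * 1024 * 1024;            // 2 MiB ceiling for a cover image
const ALLOWED = [                              // content-sniffed MIME type => stored extension
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

/**
 * Validate an uploaded cover image and move it into $uploadDir under a
 * server-chosen random name. Returns the stored filename; throws on any
 * validation failure so the caller cannot accidentally proceed with bad input.
 */
function storeCoverImage(array $file, string $uploadDir): string
{
    if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or no file provided');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not a file uploaded via HTTP POST');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('File too large');
    }

    // Decide the type from the file's bytes, never from the client-supplied
    // filename or Content-Type header: both are fully attacker-controlled.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if ($mime === false || !isset(ALLOWED[$mime])) {
        throw new RuntimeException('Unsupported image type');
    }

    // Second, independent check: the image decoder must agree it is an image.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('File is not a decodable image');
    }

    // Server-chosen basename and server-chosen extension. The original name
    // (whatever extension it carried) never influences what is written to disk,
    // and a random name also prevents overwriting an existing cover.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];
    $dest = rtrim($uploadDir, '/') . '/' . $name;

    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    chmod($dest, 0644);  // readable by the web server, not executable
    return $name;
}

// Usage inside the add-topic handler (field name and directory are assumptions):
// $stored = storeCoverImage($_FILES['cover_image'], __DIR__ . '/../uploads/covers');
```

Two design points worth noting. First, the extension written to disk is derived from the sniffed MIME type, so a filename chosen by the uploader has no path into the stored name. Second, validation in application code should be paired with a web-server rule that refuses to execute scripts from the upload directory, so that even a file which slips past the checks is served as static content rather than run; the two controls cover each other's failures.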

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 6.1
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.