Code-Projects Online Ordering System Unrestricted File Upload Vulnerability

Vulnerability

A critical vulnerability allowing unrestricted file uploads has been identified in Code-Projects Online Ordering System version 1.0. The issue resides in the file '/admin/edit_product.php', where the 'image' parameter can be manipulated to bypass file type and content validations. This flaw enables remote attackers to upload malicious PHP scripts, such as web shells, which can then be executed to gain control over the server, including running system commands and accessing sensitive data.

Impact

Exploitation of this vulnerability allows for arbitrary file uploads, which can be leveraged to execute malicious scripts on the server. This could lead to full system compromise, allowing attackers to execute commands, manipulate files, and access confidential information.

Reproduction

To reproduce this vulnerability, send a POST request to '/admin/edit_product.php' with the 'image' parameter containing a PHP file disguised as an image. The uploaded file will be stored in a web-accessible directory, where it can be executed as a script.

Remediation

It is recommended to implement strict file upload validation: allowlist the permitted file types, derive the type from the file's content rather than from the client-supplied name or Content-Type, and rename uploads on the server side. Additionally, uploaded files should be stored in a directory the web server does not execute scripts from, and upload activity should be logged and monitored.
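The following is an added example of the remediation described above, written for this page and not taken from the Online Ordering System's own code. It shows how an admin image-upload handler can apply the three controls together: an allowlist keyed on the MIME type detected from the file's bytes, a check that the bytes parse as an image of that type, and storage under a server-generated name in a directory outside the web root. The form field name 'image' is the one named in the advisory; the storage path in UPLOAD_DIR, the size limit, and the set of permitted image types are assumptions for the example.

```php
<?php
// Added example (not the Online Ordering System's code): a hardened image-upload
// handler. Assumes the upload field is still named 'image' and that UPLOAD_DIR
// points outside the document root (assumed path).

declare(strict_types=1);

const UPLOAD_DIR = __DIR__ . '/../storage/product_images'; // assumption: not web-accessible
const MAX_BYTES  = 2 * 1024 * 1024;                         // assumption: 2 MiB limit

// Allowlist keyed by the MIME type detected from file content. SVG is deliberately
// absent: it is XML and can carry script.
const ALLOWED_TYPES = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

/**
 * Validates one entry of $_FILES and stores it under a server-generated name.
 * Returns the stored filename, or throws RuntimeException on any failure.
 */
function storeProductImage(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed with code ' . (int) ($file['error'] ?? UPLOAD_ERR_NO_FILE));
    }
    // Only accept files that PHP itself received through this HTTP request.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an uploaded file');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }

    // 1. Detect the type from content. $file['type'] and $file['name'] are
    //    client-controlled and are never consulted.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if ($mime === false || !isset(ALLOWED_TYPES[$mime])) {
        throw new RuntimeException('disallowed content type: ' . var_export($mime, true));
    }

    // 2. Require that the bytes actually decode as an image of that type, so a
    //    PHP file with a forged magic-number prefix still fails here.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || $info['mime'] !== $mime) {
        throw new RuntimeException('content does not parse as the detected image type');
    }

    // 3. Generate the stored name; the extension comes from the allowlist, never
    //    from the client, which rules out .php, double extensions and traversal.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED_TYPES[$mime];
    $dest = UPLOAD_DIR . '/' . $name;

    if (!is_dir(UPLOAD_DIR) && !mkdir(UPLOAD_DIR, 0750, true)) {
        throw new RuntimeException('cannot create upload directory');
    }
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0640); // plain data file; no execute bit needed for serving images
    return $name;
}

// Request handling: the form is unchanged; the server simply stops trusting it.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['image'])) {
    try {
        $stored = storeProductImage($_FILES['image']);
        error_log('product image stored as ' . $stored);   // feeds the upload monitoring the advisory asks for
        echo 'stored as ' . htmlspecialchars($stored, ENT_QUOTES, 'UTF-8');
    } catch (RuntimeException $e) {
        error_log('product image rejected: ' . $e->getMessage());
        http_response_code(400);
        echo 'upload rejected';
    }
}
```

Because the files live outside the document root, they are served through a small read-only handler (or an X-Sendfile/X-Accel-Redirect style directive) that looks the name up and sets the Content-Type itself. As defence in depth, the web server should also be configured not to run PHP in whatever directory holds uploads (for Apache, `php_admin_flag engine off` in that directory's `<Directory>` block; for nginx, simply not routing that location to the FastCGI backend), so that a validation mistake does not become remote code execution.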

Added: Jul 17, 2025, 11:01 PM
Updated: Jul 17, 2025, 11:01 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 4.2
remediation: 0.0
relevance: 0.3
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.