Code-Projects Online Music Site Unrestricted File Upload Vulnerability in AdminAddAlbum.php
Vulnerability
A vulnerability allowing arbitrary file upload has been identified in Code-Projects Online Music Site version 1.0. The issue resides in the AdminAddAlbum.php file, where the txtimage argument can be manipulated to bypass file type restrictions. This flaw enables the upload of malicious files, which could be executed to gain control over the server, steal data, or facilitate further attacks, posing a significant risk to system security. Notably, this vulnerability can be exploited remotely without requiring authentication.
Impact
Exploitation of this vulnerability allows for the upload and execution of malicious scripts on the server, potentially leading to unauthorized control, data theft, or additional attacks that could compromise system security.
Reproduction
To reproduce this vulnerability, send a POST request to the AdminAddAlbum.php file with the txtimage argument. Include a file named '11111.png' with a Content-Type of 'image/png'. The file should contain a PHP payload, such as a script that executes commands. Once the file is uploaded, it can be accessed through the upload_images/album directory, where the PHP script can be executed.
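The root cause described above is trusting the client-supplied filename and Content-Type. The following hardened handler for the txtimage upload is an added example, not code from the application or from the advisory; the function name, the accepted types and the destination directory are assumptions:

```php
<?php
// Hypothetical hardened handler for the txtimage upload (example code, not the project's own).
declare(strict_types=1);

// Accepted image types; the stored extension is chosen from this table, never from the client.
const ALLOWED_IMAGE_TYPES = [
    'image/png'  => 'png',
    'image/jpeg' => 'jpg',
    'image/gif'  => 'gif',
];

/**
 * Validates one $_FILES entry and stores it under a server-chosen name.
 * Returns the stored filename, or throws on any rejection.
 */
function storeAlbumImage(array $file, string $destDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed or missing');
    }
    // Reject anything that did not arrive through the HTTP upload mechanism.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an uploaded file');
    }
    // Sniff the real type from the bytes; the client's $file['type'] header is ignored.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if (!isset(ALLOWED_IMAGE_TYPES[$mime])) {
        throw new RuntimeException("disallowed content type: $mime");
    }
    // Independent second check: the bytes must decode as an image of the same type.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || $info['mime'] !== $mime) {
        throw new RuntimeException('file is not a valid image');
    }
    // A valid image can still carry script text in metadata, so the name is random and the
    // extension fixed: the original filename (e.g. "shell.php") never reaches disk.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED_IMAGE_TYPES[$mime];
    $dest = rtrim($destDir, '/') . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0644); // readable, never executable
    return $name;
}

// Usage in AdminAddAlbum.php (form field name taken from the advisory):
// $stored = storeAlbumImage($_FILES['txtimage'], __DIR__ . '/upload_images/album');
```

Pair this with web-server configuration that refuses to execute scripts under upload_images/album, so that even a file that passes both checks can only ever be served as a static image.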