SourceCodester Simple Doctors Appointment System Unrestricted File Upload Vulnerability
Vulnerability
A critical unrestricted file upload vulnerability has been identified in SourceCodester Simple Doctors Appointment System versions through 1.0. The issue arises in the file '/doctors_appointment/admin/ajax.php?action=save_category', where the 'img' argument can be manipulated to upload dangerous file types that may be processed within the application's environment. This vulnerability could lead to remote code execution.
Impact
Exploitation of this vulnerability allows arbitrary file upload; if an uploaded file is placed where the server executes it, the result is remote code execution.
Reproduction
To reproduce this vulnerability, send a POST request to '/doctors_appointment/admin/ajax.php?action=save_category' with a file that has a dangerous file extension, such as a PHP file disguised as an image. The application does not properly validate or sanitize the uploaded files, allowing the upload of potentially harmful files that can be executed on the server.
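As an added example (not code from the project or from this advisory), the following PHP shows how an image-upload handler such as the one behind the 'img' field of save_category can be hardened: the client's filename and declared type are ignored, the bytes are content-sniffed, and the file is stored under a server-chosen name. The upload directory path, size limit and call site are assumptions.

```php
<?php
// Added example, not the project's code: a hardened handler for an image
// field such as 'img' in save_category. Assumes the upload directory sits
// outside the web root, so PHP never executes anything stored there.

const UPLOAD_DIR = '/var/www/uploads_private'; // assumption: not served as PHP
const MAX_BYTES  = 2 * 1024 * 1024;

// Content-sniffed MIME type => the only extension the server will ever write.
const ALLOWED_TYPES = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

/** Validate one entry of $_FILES and store it under a server-chosen name. */
function storeCategoryImage(array $file): string
{
    $err = $file['error'] ?? UPLOAD_ERR_NO_FILE;
    if ($err !== UPLOAD_ERR_OK) {
        throw new RuntimeException("upload failed, error $err");
    }
    if (!is_uploaded_file($file['tmp_name']) || $file['size'] > MAX_BYTES) {
        throw new RuntimeException('not an uploaded file, or too large');
    }

    // Never trust the client's filename or Content-Type; sniff the bytes.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!isset(ALLOWED_TYPES[$mime])) {
        throw new RuntimeException("rejected content type: $mime");
    }
    // Independent second check: the bytes must decode as an image at all.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('not a valid image');
    }

    // Random server-chosen name; the extension comes from the sniffed type,
    // so whatever name or extension the client sent is discarded.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED_TYPES[$mime];
    $dest = UPLOAD_DIR . DIRECTORY_SEPARATOR . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0640); // readable by the web server user, never executable
    return $name;
}

// In the save_category handler (assumed call site):
// $imgName = storeCategoryImage($_FILES['img'] ?? []);
```

Content sniffing alone does not reject a valid image that also carries script text, so the storage directory must additionally be one the web server never hands to the PHP interpreter.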
