| عنوان | Code-Projects Simple Food Ordering System 1.0 Unrestricted Upload |
|---|
| الوصف | During the security assessment of "Simple Food Ordering System", I detected a critical file upload vulnerability in the "editproduct.php" file. This vulnerability stems from inadequate validation mechanisms for uploaded files, particularly the lack of proper file type verification, content checking, and extension filtering. Attackers can bypass existing restrictions to upload malicious files, potentially gaining unauthorized access to the server, executing arbitrary commands, and compromising the entire system. Immediate remediation is essential to ensure system security. |
|---|
| المصدر | ⚠️ https://github.com/underatted/CVE/issues/22 |
|---|
| المستخدم | underatted (UID 90321) |
|---|
| ارسال | 15/10/2025 10:42 AM (6 أشهر منذ) |
|---|
| الاعتدال | 26/10/2025 05:59 PM (11 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 329973 [code-projects Simple Food Ordering System 1.0 /editproduct.php photo تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|