| शीर्षक | SourceCodester Pizzafy Ecommerce System using PHP and MySQL 1.0 Incomplete Identification of Uploaded File Variables |
|---|
| विवरण | The save_menu() function in Pizzafy Ecommerce System 1.0 handles image uploads for menu items without performing any file type validation. The application retrieves the file extension using pathinfo() but never actually checks or restricts the allowed file types before moving the uploaded file to the web-accessible assets/img/ directory. An authenticated administrator can upload a PHP webshell disguised as a menu image, then access it directly via the browser to achieve Remote Code Execution on the server. |
|---|
| स्रोत | ⚠️ https://github.com/Xmyronn/Unrestricted-File-Upload-leading-to-Remote-Code-Execution-in-Pizzafy-Ecommerce-System.git |
|---|
| उपयोगकर्ता | imad alvi (UID 97088) |
|---|
| सबमिशन | 13/04/2026 01:14 PM (2 महीनों पहले) |
|---|
| संयम | 29/04/2026 11:40 AM (16 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 360118 [SourceCodester Pizzafy Ecommerce System 1.0 File Extension admin_class_novo.php save_menu img अधिकार वृद्धि] |
|---|
| अंक | 20 |
|---|