Grocery-CMS-PHP-Restful-API is an online grocery shop. The project is developed by using PHP/MySQL/Slim Restful API. The project has powerful backend cms to manage grocery shop online. it has features like add items, remove items, update price, manage orders etc. Restful API ready to embed in Application using JSON data.
54
stars
30
forks
source link
An arbitrary file upload vulnerability exists in /admin/add-category.php #5
There is an arbitrary file upload vulnerability exists in /admin/add-category.php, User can upload webshell to execute command.
POC: First we create a jpg image and write a php webshell.
Then, we add category, and modify the extension with burpsuite.
The uploaded file was saved in /admin/itemimg/ with same name.
We can easily use it for RCE(RemoteCodeExecution).
Solution: Better use white list to check uploaded files.