Vulnerability Details CVE-2023-0257
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /fos/admin/index.php?page=menu of the component Menu Form. The manipulation of the argument Image with the input <?php system($_GET['c']); ?> leads to unrestricted upload. The attack can be launched remotely. The identifier VDB-218185 was assigned to this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.4%
CVSS Severity
CVSS v3 Score 4.7
CVSS v2 Score 5.8
References
Products affected by CVE-2023-0257
-
cpe:2.3:a:online_food_ordering_system_project:online_food_ordering_system:2.0