Ecommerce-Website is a complete e-commerce website with an administration panel built using PHP and MySql. v1.1.0 of Ecommerce-Website is vulnerable to a file upload vulnerability, which stems from a lack of file upload restrictions in public/admin/index.php?add_product The vulnerability is caused by a missing restriction on file uploads in public/admin/index.php?add_product, which can be exploited to upload webshells via the product image component.
CPE | Name | Operator | Version |
---|---|---|---|
sourcecodester ecommerce-website v | eq | 1.1.0 |