Zoo Management System save_event arbitrary file upload vulnerability

Zoo Management System is a zoo management system that provides an online and automated platform for zoo businesses to manage their daily records. An arbitrary file upload vulnerability exists in Zoo Management System v1.0, which stems from a lack of validation of uploaded files in the "save The vulnerability is caused by a lack of validation of the uploaded file in the image upload area of the “save_event” file in the “Events” module of the backend management system. An attacker can exploit this vulnerability to upload malicious files to remotely execute arbitrary code.