Zoo Management System save_animal arbitrary file upload vulnerability

Zoo Management System is a zoo management system developed by Carlo Montero, a personal developer who provides an online and automated platform for zoo businesses to manage their daily records. An arbitrary file upload vulnerability exists in Zoo Management System v1.0, which stems from a lack of validation of uploaded files in the “save_animal” file upload section of the “Animals” module of the backend management system. save_animal" file in the backend management system “Animals” module, the image upload area lacks validation of the uploaded file. An attacker can exploit this vulnerability to upload malicious files to remotely execute arbitrary code.