Privilege escalation

2023-05-0502:15:00

PRIOn knowledge base

www.prio-n.com

privilege escalation

component vulnerability

arbitrary code execution

nvd

9.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.8%

JSON

An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online Food Ordering System v2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

CPENameOperatorVersion
online_food_ordering_systemeq2.0

CPE	Name	Operator	Version
	online_food_ordering_system	eq	2.0

References

github.com/xtxxueyan/bug_report/blob/main/vendors/onetnom23/online-food-ordering-system-v2/RCE-1.md