CVE-2023-1433
CVE-2023-1433 affects SourceCodester Gadget Works Online Ordering System 1.0. The vulnerability resides in the admin/products/controller.php?action=add endpoint of the Products Handler, where manipulation of the filename argument enables unrestricted file upload. This can be triggered remotely an...