Remote Code Execution (RCE) Vulnerability in Sourcecodester Online Food Ordering System 2.0 via Image Upload Bypass

Remote Code Execution (RCE) Vulnerability in Sourcecodester Online Food Ordering System 2.0 via Image Upload Bypass

CVE-2021-41644 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters.

Learn more about our Web Application Penetration Testing UK.