Vendor: Alphaware Simple E-Commerce System
Author: Christian Vierschilling
CVSS: 9.8 (HIGH)
Type: Remote Code Execution
CWE: 78
Product Name: Alphaware Simple E-Commerce System
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: a:sourcecodester:alphaware_simple_e-commerce_system
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: PHP 7.4.14, Linux x64_x86
Year: 2021

Alphaware E-Commerce System 1.0 – Unauthenticated Remote Code Execution (File Upload + SQL Injection)

The web application allows an unauthenticated file upload, which can result in Remote Code Execution. We combine this issue with an SQL injection to retrieve the randomised name of our uploaded PHP shell.

Mitigation:

Implement authentication and authorization checks for file uploads, and ensure that the uploaded files are validated and sanitized.
