Title: itsourcecode E-Commerce Website V1.0 Unrestricted Upload Description: The 'products.php' script suffers from insufficient validation and filtering of uploaded files. An attacker can upload malicious files (e.g., a PHP web shell) disguised with harmless extensions such as '.jpg'. These files are then stored in publicly accessible directories. This allows attackers to upload and execute arbitrary files through a web browser, potentially compromising the entire server and exposing sensitive data. Source: https://github.com/yihao fuweng/cve/issues/23 User: lizis3c (UID 89923) Submission Date: 09/07/2025 07:51 PM Moderation Date: 09/17/2025 01:16 PM Status: Accepted VulDB Entry: 224642 [itsourcecode E-Commerce Website 1.0 /admin/products.php unrestricted upload] Points: 20