Key Information

Vulnerability Title: Arbitrary File Upload (CSV) Vulnerability Report / CVE Report in Certificate Generation System

Affected Product
Product: Certificate Generation System
Project Repository: https://github.com/GreatDevelopers/Certificate
Component/File: CSV Upload Handler (PHP Backend), https://github.com/GreatDevelopers/Certificate/blob/restructured/csv.php
Vulnerable Code Snippet:
Version: 1.0
Vendor: GreatDevelopers (GitHub)

Vulnerability Summary
An arbitrary file upload vulnerability (CWE-434) exists. The application validates uploads solely by file extension and concatenates the original, user-supplied filename directly onto the target path. This validation can be bypassed by providing a custom filename such as . There is no MIME type validation, file size restriction, or content inspection. Uploaded files are stored in a web-accessible directory, which allows execution of an uploaded script if server-side execution is enabled for that directory.

Vulnerability Type
Arbitrary File Upload
CWE: CWE-434 (Unrestricted Upload of Dangerous File Types)

Technical Root Cause
The application relies solely on extension validation using and reuses the user-supplied filename. There is no MIME type validation, content validation, or restriction on executable file uploads. Files are stored in a web-accessible path, which significantly increases the impact.

Impact
- Remote Code Execution (if PHP execution is enabled)
- Persistent webshell deployment
- Malware hosting
- Denial of Service via large file uploads

References
- OWASP Unrestricted File Upload: https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload
- CWE-434: https://cwe.mitre.org/data/definitions/434.html
- Project: https://github.com/GreatDevelopers/Certificate
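The following is an added example of a hardened CSV upload handler that closes each of the gaps named above (size limit, real MIME check, content parsing, server-generated filename, storage outside the web root). It is not the project's code; the constants MAX_CSV_BYTES and UPLOAD_DIR and the function name acceptCsvUpload are assumptions.

```php
<?php
// Added example, not from the Certificate project. Limits and paths are assumed.
const MAX_CSV_BYTES = 2 * 1024 * 1024;                // assumed size limit (2 MiB)
const UPLOAD_DIR    = __DIR__ . '/../private_uploads'; // assumed: NOT web-accessible

// $file is one entry of $_FILES, e.g. $_FILES['csv']. Returns the stored path.
function acceptCsvUpload(array $file): string
{
    // 1. Only accept files PHP actually received through this HTTP request.
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Upload failed');
    }
    // 2. Size limit (mitigates the large-upload DoS vector).
    if ($file['size'] > MAX_CSV_BYTES) {
        throw new RuntimeException('File too large');
    }
    // 3. Extension check on the basename only; the client path is never reused.
    $ext = strtolower(pathinfo(basename($file['name']), PATHINFO_EXTENSION));
    if ($ext !== 'csv') {
        throw new RuntimeException('Only .csv files are accepted');
    }
    // 4. MIME type derived from the bytes on disk, not from $file['type'].
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!in_array($mime, ['text/plain', 'text/csv'], true)) {
        throw new RuntimeException('Unexpected content type');
    }
    // 5. Content inspection: no NUL bytes, every row parses as CSV with a
    //    consistent column count (PHP script bodies fail this check).
    $fh = fopen($file['tmp_name'], 'rb');
    $cols = null;
    while (($row = fgetcsv($fh, null, ',', '"', '')) !== false) {
        $cols ??= count($row);
        if (count($row) !== $cols || strpos(implode('', $row), "\0") !== false) {
            fclose($fh);
            throw new RuntimeException('Malformed CSV');
        }
    }
    fclose($fh);
    // 6. Server-generated name with a fixed extension; the original name is dropped.
    $dest = UPLOAD_DIR . '/' . bin2hex(random_bytes(16)) . '.csv';
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    return $dest;
}
```

Because the stored file is outside the document root and its name is never attacker-controlled, a bypass of any single check no longer yields a web-reachable script.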