CVE-2024-7189

6.3 MEDIUM

📋 TL;DR

This critical vulnerability in itsourcecode Online Food Ordering System 1.0 allows attackers to upload arbitrary files via the 'photo' parameter in editproduct.php. This can lead to remote code execution or system compromise. Any organization using this software is affected.

💻 Affected Systems

Products:
  • itsourcecode Online Food Ordering System
Versions: 1.0
Operating Systems: Any OS running PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the editproduct.php file specifically; requires web server with PHP support

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system takeover via webshell upload leading to data theft, ransomware deployment, or use as an attack platform

🟠 Likely Case: Webshell installation allowing persistent access, data exfiltration, or lateral movement

🟢 If Mitigated: File upload blocked, preventing exploitation but potentially disrupting legitimate photo upload functionality

🌐 Internet-Facing: HIGH - Attack can be launched remotely without authentication
🏢 Internal Only: MEDIUM - Still exploitable from internal networks but attack surface reduced

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code publicly available on GitHub; simple file upload manipulation

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None found

Restart Required: No

Instructions:

No official patch available. Consider replacing with alternative software or implementing workarounds.

🔧 Temporary Workarounds

File Upload Restriction
Platforms: all

Implement strict file upload validation in editproduct.php:
  • Add file type validation (allow only image extensions)
  • Add file size limits
  • Implement file content verification
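Added example, not code from the itsourcecode project: a hardened handler for the 'photo' parameter that applies the three checks listed above. It assumes a hypothetical function name storeProductPhoto, an upload directory passed as $uploadDir that the web server serves as static files only, and a 2 MiB size limit.

```php
<?php
// Added example, not the itsourcecode project's own code: hardened handling of the
// 'photo' upload parameter. Assumes $uploadDir exists and is served as static files only.
declare(strict_types=1);

const MAX_PHOTO_BYTES = 2 * 1024 * 1024;   // size limit (assumed: 2 MiB)
const ALLOWED_IMAGE_TYPES = [              // detected MIME type => stored extension
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

// Validate one entry of $_FILES (e.g. $_FILES['photo']) and store it under a
// server-generated name; returns that name or throws on any failed check.
function storeProductPhoto(array $file, string $uploadDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or no file sent');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not a file from this request');
    }
    // File size limit.
    if ($file['size'] > MAX_PHOTO_BYTES) {
        throw new RuntimeException('File too large');
    }
    // File type validation from the bytes, never from the client-supplied name or type.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!is_string($mime) || !isset(ALLOWED_IMAGE_TYPES[$mime])) {
        throw new RuntimeException('Not an allowed image type');
    }
    // File content verification: the data must decode as an image.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('File is not a valid image');
    }
    // The stored name is random and the extension comes from the whitelist,
    // so the client-chosen name and extension never reach the filesystem.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED_IMAGE_TYPES[$mime];
    $dest = rtrim($uploadDir, '/') . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    chmod($dest, 0644); // readable, never executable
    return $name;
}

// Hypothetical call site inside editproduct.php:
// $photo = storeProductPhoto($_FILES['photo'], __DIR__ . '/uploads');
```

A valid image can still carry embedded script content, so the upload directory must also be configured so the web server never executes files from it.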

Web Application Firewall Rules
Platforms: all

Block malicious file upload attempts:
  • WAF rule: Block requests with suspicious file extensions in upload parameters
  • WAF rule: Block requests with executable content in file uploads

🧯 If You Can't Patch

  • Remove or rename editproduct.php file if not needed
  • Implement network segmentation to isolate the vulnerable system

🔍 How to Verify

Check if Vulnerable:

Test if you can upload non-image files via the photo parameter in editproduct.php

Check Version:

Check software version in admin panel or configuration files

Verify Fix Applied:

Attempt to upload a non-image file via the photo parameter; with proper validation in place it should be rejected

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed upload attempts
  • Successful upload of non-image files
  • Access to uploaded files with suspicious extensions

Network Indicators:

  • HTTP POST requests to editproduct.php with file uploads
  • Traffic to unexpected file paths

SIEM Query:

source="web_server" AND uri="*editproduct.php*" AND method="POST" AND (file_extension="php" OR file_extension="exe" OR file_extension="sh")
