CVE-2024-8089
📋 TL;DR
This vulnerability allows remote attackers to upload arbitrary files to the SourceCodester E-Commerce System 1.0 via the photo parameter in the admin products controller. This can lead to remote code execution or system compromise. All installations of version 1.0 are affected.
💻 Affected Systems
- SourceCodester E-Commerce System
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete system takeover, data theft, and lateral movement within the network.
Likely Case
Webshell deployment allowing persistent backdoor access, data exfiltration, and further exploitation of the server.
If Mitigated
File upload limited to authenticated admin users only, reducing attack surface but still dangerous if admin credentials are compromised.
🎯 Exploit Status
Exploit requires admin authentication but is trivial to execute once authenticated. Public exploit code is available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: https://www.sourcecodester.com/
Restart Required: No
Instructions:
No official patch available. Consider upgrading to a newer version if available or implementing workarounds.
🔧 Temporary Workarounds
Restrict File Upload Types
Implement server-side validation that accepts only specific image file types (jpg, png, gif) and verifies the file signature, not just the extension or the client-supplied content type.
Implement File Upload Directory Restrictions
Configure the web server to prevent execution of uploaded files in the upload directory.
- For Apache: add `php_flag engine off` to a .htaccess file in the upload directory (this only takes effect when PHP runs as mod_php and AllowOverride permits it; for PHP-FPM setups, deny access to `.php` files in that directory instead).
- For Nginx: add `location ~* \.php$ { deny all; }` for the upload directory in the server config.
🧯 If You Can't Patch
- Disable the photo upload functionality entirely in the admin interface
- Implement Web Application Firewall (WAF) rules to block malicious file upload attempts
🔍 How to Verify
Check if Vulnerable:
Attempt to upload a PHP file via the admin products photo upload feature. If the upload succeeds, the system is vulnerable.
Check Version:
Check the system version in the admin panel or read the application version file if available.
Verify Fix Applied:
Attempt to upload a PHP file after implementing fixes. Upload should be rejected or file should not execute.
📡 Detection & Monitoring
Log Indicators:
- Unusual file uploads to /ecommerce/admin/products/controller.php
- Uploads of non-image file types with image extensions
- Multiple failed upload attempts followed by successful PHP file upload
Network Indicators:
- HTTP POST requests to /ecommerce/admin/products/controller.php with file uploads
- Traffic patterns showing file uploads followed by requests to unusual file paths
SIEM Query:
source="web_logs" AND uri="/ecommerce/admin/products/controller.php" AND method="POST" AND (file_extension="php" OR file_extension="phtml" OR file_extension="php5")
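The correlation described under Network Indicators (an upload POST to the controller followed by a request for a script file in the upload directory from the same client) can be checked offline against web server access logs. The following is an added example written for this advisory, not code from the affected project; the upload directory path and the log lines are constructed assumptions, and the controller path and script extensions are the ones given above.

```python
import re

CONTROLLER = "/ecommerce/admin/products/controller.php"  # path named in the advisory
UPLOAD_DIR = "/ecommerce/assets/uploads/"                # ASSUMED upload location; adjust per install
SCRIPT_EXTS = {"php", "phtml", "php5"}                    # same set as the SIEM query above

# Apache/Nginx combined log format: client, ident, user, [time], "METHOD URI PROTO", status, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (not real traffic): client 10.0.0.5 uploads and then fetches
# a .php file; client 10.0.0.7 uploads a normal product image.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Sep/2024:10:00:01 +0000] "POST /ecommerce/admin/products/controller.php?action=add HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.5 - - [01/Sep/2024:10:00:03 +0000] "GET /ecommerce/assets/uploads/1725184801_photo.php HTTP/1.1" 200 88 "-" "Mozilla/5.0"
10.0.0.7 - - [01/Sep/2024:10:05:10 +0000] "POST /ecommerce/admin/products/controller.php?action=add HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.7 - - [01/Sep/2024:10:05:12 +0000] "GET /ecommerce/assets/uploads/1725185110_product.jpg HTTP/1.1" 200 30211 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Sep/2024:10:07:00 +0000] "GET /ecommerce/index.php HTTP/1.1" 200 4000 "-" "Mozilla/5.0"
"""

def parse_line(line):
    """Return a dict with ip, ts, method, uri, status and query-stripped path, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["path"] = rec["uri"].split("?", 1)[0]
    return rec

def is_script_path(path):
    """True when the final extension is one the web server would hand to PHP."""
    ext = path.rsplit(".", 1)[-1].lower() if "." in path else ""
    return ext in SCRIPT_EXTS

def detect(log_text):
    """Flag any client that POSTs to the products controller and later requests
    a script file under the upload directory. Stateless per line otherwise."""
    last_upload = {}  # ip -> timestamp of that client's most recent controller POST
    alerts = []
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        if rec["method"] == "POST" and rec["path"] == CONTROLLER:
            last_upload[rec["ip"]] = rec["ts"]
        elif (rec["ip"] in last_upload and rec["path"].startswith(UPLOAD_DIR)
              and is_script_path(rec["path"])):
            alerts.append({"ip": rec["ip"], "upload_ts": last_upload[rec["ip"]],
                           "path": rec["path"], "status": rec["status"]})
    return alerts

if __name__ == "__main__":
    for a in detect(SAMPLE_LOG):
        print(f"ALERT {a['ip']} uploaded at {a['upload_ts']} then requested {a['path']} ({a['status']})")
```

A double extension such as `name.php.jpg` is deliberately not flagged here, since it only executes on servers with a misconfigured handler; extend `is_script_path` if that applies to your deployment.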