Online Ordering System
CVE-2025-7755
Severity: LOW (primary rating from NVD; the only source for this CVE)
CVSS vector (NVD): CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (CVE.org)
A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/edit_product.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Analysis (AI)
Unrestricted file upload in code-projects Online Ordering System 1.0 allows authenticated remote attackers to upload arbitrary files via the image parameter in /admin/edit_product.php, enabling remote code execution. The vulnerability affects the admin product editing functionality and has publicly available exploit code; however, the low CVSS score (2.1) and minimal EPSS percentile (26%) indicate limited real-world exploitation despite authenticated access requirements.
Technical Context (AI)
The vulnerability resides in the /admin/edit_product.php file of a PHP-based e-commerce application. The image parameter lacks proper file type validation and upload restrictions, falling under CWE-284 (Improper Access Control). While the application appears to implement authentication (PR:L in CVSS vector), the upload handler fails to enforce whitelist-based file restrictions, allowing authenticated users to bypass security controls. The underlying weakness stems from inadequate input validation and insufficient server-side file type verification on uploaded content.
Remediation (AI)
No vendor-released patch has been identified at the time of analysis. Immediate remediation requires server-side file upload validation:
- Enforce a whitelist of allowed MIME types (e.g., image/jpeg and image/png only).
- Validate file extensions against a strict allowlist on the server side, not on the client.
- Verify the file type from its actual content using libmagic or an equivalent, rather than relying on client-supplied headers alone.
- Restrict permissions on the upload directory so nothing in it can execute, and disable script execution there in the web server configuration (an .htaccess file for Apache, or the server configuration for nginx, which does not read .htaccess).
- Store uploaded files outside the web root or in a directory inaccessible to the web server process.
- Limit access to admin functionality via IP whitelisting or VPN to reduce exposure to this authenticated vulnerability.
Upgrade to a patched version if the vendor releases one, or consider migrating to a maintained e-commerce platform with defense-in-depth upload handling.
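The following hardened upload handler is an added example written for this page; it is not code from the code-projects Online Ordering System and does not reproduce the vulnerable /admin/edit_product.php. It shows the server-side checks listed above working together: an extension allowlist, a libmagic (finfo) content check, a second check through the image decoder, a server-generated filename, and storage outside the web root with non-executable permissions. The function names, the upload directory path and the 2 MB size limit are assumptions.

```php
<?php
// Added example (not code from the Online Ordering System project): a hardened
// replacement for an image-upload handler of the kind the advisory describes.
// Function names, UPLOAD_DIR and MAX_IMAGE_BYTES are assumptions for the example.

declare(strict_types=1);

// Allowed extension -> MIME type the content must actually have (server side).
const ALLOWED_IMAGE_TYPES = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
];

// Assumed to be OUTSIDE the document root; files here are served by a separate
// read-only script and are never handed to the PHP interpreter.
const UPLOAD_DIR = '/var/www/uploads_private';
const MAX_IMAGE_BYTES = 2 * 1024 * 1024;

/**
 * Validate one $_FILES entry. Returns null when the upload is acceptable,
 * otherwise a short reason. Nothing here trusts the client-supplied name,
 * $file['type'] or request headers: the bytes themselves are inspected.
 */
function validate_image_upload(array $file): ?string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return 'upload failed';
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        return 'not an uploaded file';
    }
    if ($file['size'] > MAX_IMAGE_BYTES) {
        return 'file too large';
    }

    // Extension check: last extension only, lowercased, exact allowlist match.
    // A name like "x.php.jpg" passes this step, which is why the content
    // checks below are mandatory and the stored name is regenerated anyway.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED_IMAGE_TYPES)) {
        return 'extension not allowed';
    }

    // Content check 1: libmagic on the real bytes, not the client MIME type.
    $finfo    = new finfo(FILEINFO_MIME_TYPE);
    $detected = $finfo->file($file['tmp_name']);
    if ($detected !== ALLOWED_IMAGE_TYPES[$ext]) {
        return 'content does not match extension';
    }

    // Content check 2: the image decoder must agree with libmagic.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || $info['mime'] !== $detected) {
        return 'not a decodable image';
    }
    return null;
}

/** Server-chosen random filename; the client-supplied name never reaches disk. */
function safe_image_filename(string $ext): string
{
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

/** Validate, then move the upload into place. Returns the stored basename. */
function store_image_upload(array $file): string
{
    $problem = validate_image_upload($file);
    if ($problem !== null) {
        throw new RuntimeException('rejected upload: ' . $problem);
    }
    $ext  = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    $name = safe_image_filename($ext);
    $dest = UPLOAD_DIR . DIRECTORY_SEPARATOR . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store upload');
    }
    chmod($dest, 0640); // readable by the application, never executable
    return $name;
}

// Usage in a product-edit handler (field name 'image' assumed):
// $stored = store_image_upload($_FILES['image']);
// Persist $stored with the product record instead of the original filename.
```

Rejected uploads throw before anything is written, so a failed check leaves no file on disk to clean up. If the upload directory cannot be moved outside the web root, the last line of defense is the web server: with Apache mod_php, `php_admin_flag engine off` in a `<Directory>` block for that path (or `php_flag engine off` in a .htaccess file where overrides are allowed) stops PHP from interpreting anything stored there, and under nginx no `location` block should pass files from that directory to php-fpm. Logging the reason string returned by `validate_image_upload` also gives a simple detection signal: repeated "content does not match extension" rejections from one admin session are worth alerting on.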