Restaurant Management System 1.0 Arbitrary File Upload

Disclosure date: 10/24/19


Restaurant Management System 1.0 is affected by a vulnerability that allows an authenticated attacker to upload arbitrary files, which can result in code execution. The issue occurs because the application fails to adequately sanitize user-supplied input.
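A server-side check of the kind missing from this upload path, shown as an added example (not the application's code, and written in Python for illustration only). The function names, the size limit and the sample uploads are assumptions constructed for the example.

```python
import os
import secrets

# Allowlisted image types: leading magic bytes -> extension the server assigns.
MAGIC = {
    b"\x89PNG\r\n\x1a\n": ".png",
    b"\xff\xd8\xff": ".jpg",
    b"GIF87a": ".gif",
    b"GIF89a": ".gif",
}
MAX_BYTES = 2 * 1024 * 1024  # assumed limit for a menu photo


class UploadRejected(ValueError):
    """Raised when an upload fails validation."""


def safe_image_name(client_name: str, data: bytes) -> str:
    """Validate an uploaded image and return the server-generated stored name."""
    if not data or len(data) > MAX_BYTES:
        raise UploadRejected("empty or oversized upload")
    ext = next((e for m, e in MAGIC.items() if data.startswith(m)), None)
    if ext is None:
        raise UploadRejected("content is not an allowlisted image type")
    claimed = os.path.splitext(client_name)[1].lower().replace(".jpeg", ".jpg")
    if claimed != ext:
        raise UploadRejected("file extension does not match content")
    # The client's name is discarded: the stored name and extension are chosen
    # by the server, so an image/script polyglot is never saved under a
    # script extension. Store it in a directory the web server will not execute.
    return secrets.token_hex(16) + ext


def is_accepted(client_name: str, data: bytes) -> bool:
    try:
        safe_image_name(client_name, data)
        return True
    except UploadRejected:
        return False


if __name__ == "__main__":
    # Constructed sample uploads (names and bytes are made up for this example).
    samples = [
        ("burger.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16),
        ("shell.php", b"constructed non-image bytes"),
        ("shell.php", b"GIF89a" + b"constructed trailing bytes"),
    ]
    for name, data in samples:
        print(name, "->", "stored" if is_accepted(name, data) else "rejected")
```

A magic-byte check alone does not prove a file is a harmless image; the protection comes from combining it with a server-chosen name and a non-executable storage location.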

From the Add a New Food page, we browse to our reverse shell:

When we choose add, we see our new addition:

With our handler set up, we catch our reverse shell: