Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution (RCE).
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.exploit-db.com/exploits/49615 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-03-16T19:54:20
Updated: 2024-08-03T21:40:13.125Z
Reserved: 2021-03-12T00:00:00
Link: CVE-2021-28294
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-03-16T20:15:13.037
Modified: 2021-03-22T15:32:40.763
Link: CVE-2021-28294
Redhat
No data.