CVE Alert: CVE-2025-12301 – code-projects – Simple Food Ordering System

CVE-2025-12301

Severity: HIGH | Exploitation: No exploitation known | PoC observed

A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. The affected code is an unknown function in the file /editproduct.php; manipulating the photo argument leads to an unrestricted file upload. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

CVSS v3.1: 7.3
Vendor: code-projects
Product: Simple Food Ordering System
Versions: 1.0
CWE: CWE-434, Unrestricted Upload
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Published: 2025-10-27T17:32:08.574Z
Updated: 2025-10-27T19:07:17.223Z

AI Summary Analysis

Risk verdict

High risk: publicly disclosed unrestricted upload in editproduct.php enables remote, unauthenticated file uploads, with a PoC available.

Why this matters

Remote upload can enable web shell placement or data exfiltration, affecting the integrity and availability of the ordering system. With no authentication and no user interaction required, the attack surface is broad across publicly reachable deployments, risking server process or database access, tampering with product data, or downtime impacting customers.

Most likely attack path

An attacker sends a crafted request to /editproduct.php with the photo parameter containing malicious content. The lack of authentication (PR:N) and no UI required (UI:N) align with an easy entry point, and unrestricted upload (CWE-434) facilitates storage of executable payloads in a web-accessible path. With S:U, the attack stays within the same security boundary but can compromise the host/server, potentially enabling further access if upload/file system permissions are misconfigured.

Who is most exposed

Public-facing deployments of the Simple Food Ordering System on shared hosting or inadequately segmented networks are at greatest risk, particularly where upload directories are not protected against execution.

Detection ideas

  • New or modified files in the upload directory with executable extensions (e.g., .php) and timestamps.
  • Access logs showing requests to editproduct.php with anomalous photo payloads or large/multipart uploads.
  • Attempts to execute uploaded files or unexpected server-side PHP executions.
  • IDS/WAF alerts for unrestricted upload patterns or suspicious filename types.

Mitigation and prioritisation

  • Apply vendor patch or upgrade; if unavailable, disable unrestricted uploads and enforce strict server-side validation.
  • Move uploads outside the web root or disable execute permissions in the upload directory; enforce allowed-file-type checks and content validation.
  • Require authentication for upload endpoints and implement robust input sanitisation and file-naming controls.
  • Monitor and log all upload activity; enable anomaly detection for rapid incident response.
  • If KEV is true or EPSS ≥ 0.5 (unknown here), treat as priority 1; otherwise high priority with urgent remediation.
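The allow-list and content validation from the mitigation bullets, reused as a scanner over an existing upload directory for the detection bullet on executable extensions. This is an added example, not the page's or the vendor's code; the directory layout and sample files are constructed assumptions.

```python
# Added example (not the vendor's code): hardened image check, reused to scan an upload dir.
import tempfile
from pathlib import Path

ALLOWED_EXT = {".jpg", ".jpeg", ".png", ".gif"}
# Extensions a PHP host may execute; a double extension like x.php.jpg still counts.
EXEC_EXT = {".php", ".phtml", ".php3", ".php5", ".phar"}
MAGIC = {b"\xff\xd8\xff": ".jpg", b"\x89PNG\r\n\x1a\n": ".png",
         b"GIF87a": ".gif", b"GIF89a": ".gif"}

def classify_upload(filename: str, data: bytes) -> list[str]:
    """Return the reasons an upload should be rejected; an empty list means accept."""
    reasons = []
    suffixes = [s.lower() for s in Path(filename).suffixes]
    ext = suffixes[-1] if suffixes else ""
    ext = ".jpg" if ext == ".jpeg" else ext  # normalise so the magic-byte check matches
    if ext not in ALLOWED_EXT:
        reasons.append("extension not on allow-list")
    if any(s in EXEC_EXT for s in suffixes):
        reasons.append("executable extension present")
    kind = next((k for m, k in MAGIC.items() if data.startswith(m)), None)
    if kind is None:
        reasons.append("content is not a recognised image")
    elif kind != ext:
        reasons.append("extension does not match image content")
    if b"<?php" in data:  # catches image/PHP polyglots that pass the magic check
        reasons.append("embedded PHP open tag")
    return reasons

def scan_upload_dir(upload_dir: str) -> dict[str, list[str]]:
    """Re-run the check over stored files; flagged files map to their reasons."""
    findings = {}
    for entry in sorted(Path(upload_dir).iterdir()):
        if entry.is_file():
            reasons = classify_upload(entry.name, entry.read_bytes()[:4096])
            if reasons:
                findings[entry.name] = reasons
    return findings

def demo() -> dict[str, list[str]]:
    """Constructed upload directory: one clean image, one script, one polyglot."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "menu.jpg").write_bytes(b"\xff\xd8\xff\xe0" + b"\x00" * 16)
        Path(d, "shell.php").write_bytes(b"<?php echo 'x'; ?>")
        Path(d, "logo.php.jpg").write_bytes(b"\xff\xd8\xff\xe0<?php echo 'x'; ?>")
        return scan_upload_dir(d)

if __name__ == "__main__":
    for name, why in demo().items():
        print(name, "->", "; ".join(why))
```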
