1Uzpk

**Name of the Vulnerable Software and Affected Versions** projectworlds House Rental and Property Listing version 1.0 **Description** A flaw exists in projectworlds House Rental and Property Listing that allows for unrestricted file upload through manipulation of the `image` argument in the file '/app/register.php?action=reg' within the Signup component. This manipulation occurs in an unknown function. Remote exploitation is possible, and an exploit has been published. **Recommendations** Apply restrictions to the file upload functionality within the Signup component. Disable or restrict access to the `/app/register.php?action=reg` endpoint.