CVE-2022-43085

Name of the Vulnerable Software and Affected Versions Restaurant POS System version 1.0

Description The issue is related to an arbitrary file upload vulnerability in the add product.php file, which allows attackers to execute arbitrary code via a crafted PHP file. This can be achieved by uploading a malicious PHP file to the system.

Recommendations For Restaurant POS System version 1.0, consider removing or restricting access to the add product.php file until a patch is available. As a temporary workaround, restrict the types of files that can be uploaded to prevent PHP files from being executed.