CVE-2023-43740

Name of the Vulnerable Software and Affected Versions Online Book Store Project version 1.0

Description The issue allows an authenticated attacker to obtain Remote Code Execution on the server hosting the application via an Insecure File Upload vulnerability on the image parameter of the "admin edit.php" page.

Recommendations For Online Book Store Project version 1.0, as a temporary workaround, consider disabling the file upload functionality on the "admin edit.php" page until a patch is available. Restrict access to the "admin edit.php" page to minimize the risk of exploitation. Avoid using the image parameter in the affected page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.