Name of the Vulnerable Software and Affected Versions:

code-projects Online Ordering System version 1.0

Description:

A critical issue exists in code-projects Online Ordering System 1.0, specifically within the `/admin/product.php` file. The manipulation of the `image` argument allows for unrestricted file uploads. This issue can be exploited remotely. The exploit details have been publicly disclosed.

Recommendations:

As a temporary workaround, restrict access to the `/admin/product.php` file.

Sanitize the `image` argument to prevent unrestricted file uploads.

Disable the vulnerable function responsible for handling file uploads until a fix is available.