CVE-2023-30122 Information

Description

An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online Food Ordering System v2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

Reference

https://github.com/xtxxueyan/bug_report/blob/main/vendors/onetnom23/online-food-ordering-system-v2/RCE-1.md