A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-product.php. The manipulation of the argument Avatar leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

The Guid Point Blog

GuidePoint Security The Guiding Point. Trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk.