Free and Open Source Inventory Management System version 1.0 suffers from a remote SQL injection vulnerability.
a9fc1340a0b9265105cd0bcbf5d9cfffa5e3d5d6ddb4326fc57ff7e8fe5d3573
This Metasploit module exploits a vulnerability found in Online Pizza Ordering System version 1.0. By abusing the admin_class.php file, a malicious user can upload a file to the img/ directory without any authentication, which results in arbitrary code execution. The module has been tested successfully on Ubuntu 22.04.
3002ce5e2a8a96ceb421dddfd1cd12fa3676d726242592bcbe8fb80e7b19715f