
osClass 3.6.1: Remote Code Execution via Image File

Blog post from Sonar

Author: Robin Peraglie
Word count: 1,060
Language: English
Summary

This vulnerability analysis describes three critical security issues in the open-source marketplace software osClass 3.6.1: a Cross-Site Scripting, a File Write, and a File Inclusion vulnerability. Chained together, these vulnerabilities can lead to remote code execution on the targeted web server. The Cross-Site Scripting vulnerability is triggered when an authenticated administrator visits a malicious link and leads to the execution of arbitrary PHP code; the File Write vulnerability lets an attacker upload images whose EXIF data contains PHP code; and the File Inclusion vulnerability lets an attacker include arbitrary files via the GET parameter plugin, a plugin that can also be installed persistently in the database. The analysis highlights the importance of input sanitization and validation in preventing such vulnerabilities, as well as the value of automated security testing tools that can quickly detect these issues and identify how they chain together.