Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to ordering\admin\products\edit.php.
https://github.com/BigTiger2020/Ordering-System/blob/main/Ordering%20System.md