An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
https://hackmd.io/%40d4rkp0w4r/Online_Food_Ordering_System_Remote_Code_Execution