← voltar
CVE-2023-5795

CodeAstro POS System Profile Picture profil unrestricted upload

CVSS 6.3 MEDIUMEPSS 0.8%CWE-434
A vulnerability was found in CodeAstro POS System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profil of the component Profile Picture Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-243601 was assigned to this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Produtos afetados
CodeAstro · POS System

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://drive.google.com/file/d/1bjDpJdG28Q5-RGJB89Dzw6YzZ1VHN23X/view?usp=sharinghttps://vuldb.com/?ctiid.243601https://vuldb.com/?id.243601