Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-1185

Опубликовано: 06 мар. 2023
Источник: nvd
CVSS3: 4.7
CVSS3: 8.8
CVSS2: 5.8
EPSS Низкий

Описание

A vulnerability, which was classified as problematic, was found in ECshop up to 4.1.8. This affects an unknown part of the component New Product Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222357 was assigned to this vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:shopex:ecshop:*:*:*:*:*:*:*:*
Версия до 4.1.8 (включая)

EPSS

Процентиль: 24%
0.00081
Низкий

4.7 Medium

CVSS3

8.8 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-434

Связанные уязвимости

github логотип

GHSA-j8wp-62vq-268h

CVSS3: 8.8
github
почти 3 года назад

A vulnerability, which was classified as problematic, was found in ECshop up to 4.1.8. This affects an unknown part of the component New Product Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222357 was assigned to this vulnerability.

fstec логотип

BDU:2023-01820

CVSS3: 8.8
fstec
почти 3 года назад

Уязвимость компонента New Product Handler системы торговых центров электронной коммерции ECShop, позволяющая нарушителю загружать произвольные файлы

EPSS

Процентиль: 24%
0.00081
Низкий

4.7 Medium

CVSS3

8.8 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-434