CVE-2023-1558

Опубликовано: 22 мар. 2023

Источник: nvd

CVSS3: 6.3

CVSS3: 9.8

CVSS2: 6.5

EPSS Низкий

Описание

A vulnerability classified as critical has been found in Simple and Beautiful Shopping Cart System 1.0. This affects an unknown part of the file uploadera.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223551.

Ссылки

https://github.com/nightcloudos/bug_report/blob/main/simple%20and%20beautiful%20shopping%20cart%20system/simple%20and%20beautiful%20shopping%20cart%20system%20uploadera.php%20has%20a%20file%20upload%20vulnerability.pdf
Third Party Advisory
https://vuldb.com/?ctiid.223551
Permissions Required
Third Party Advisory
https://vuldb.com/?id.223551
Third Party Advisory
https://github.com/nightcloudos/bug_report/blob/main/simple%20and%20beautiful%20shopping%20cart%20system/simple%20and%20beautiful%20shopping%20cart%20system%20uploadera.php%20has%20a%20file%20upload%20vulnerability.pdf
Third Party Advisory
https://vuldb.com/?ctiid.223551
Permissions Required
Third Party Advisory
https://vuldb.com/?id.223551
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simple_and_beautiful_shopping_cart_system_project:simple_and_beautiful_shopping_cart_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 29%

0.00105

Низкий

6.3 Medium

CVSS3

9.8 Critical

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-qp27-2pm7-r49x

CVSS3: 9.8

github

почти 3 года назад

EPSS

Процентиль: 29%

0.00105

Низкий

6.3 Medium

CVSS3

9.8 Critical

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-434