exploitDog

CVE-2023-33493

Опубликовано: 01 авг. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

An Unrestricted Upload of File with Dangerous Type vulnerability in the Ajaxmanager File and Database explorer (ajaxmanager) module for PrestaShop through 2.3.0, allows remote attackers to upload dangerous files without restrictions.

Ссылки

https://security.friendsofpresta.org/module/2023/07/28/ajaxmanager.html
Vendor Advisory
https://security.friendsofpresta.org/module/2023/07/28/ajaxmanager.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ajaxmanager_project:ajaxmanager:*:*:*:*:*:prestashop:*:*

Версия до 2.3.0 (включая)

EPSS

Процентиль: 73%

0.00778

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-jmf8-63p5-c49j

CVSS3: 9.8

github

больше 2 лет назад

An Unrestricted Upload of File with Dangerous Type vulnerability in the Ajaxmanager File and Database explorer (ajaxmanager) module for PrestaShop through 2.3.0, allows remote attackers to upload dangerous files without restrictions.

EPSS

Процентиль: 73%

0.00778

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434