CVE-2023-37629

Опубликовано: 12 июл. 2023

Источник: nvd

CVSS3: 9.8

EPSS Высокий

Описание

Online Piggery Management System 1.0 is vulnerable to File Upload. An unauthenticated user can upload a php file by sending a POST request to "add-pig.php."

Ссылки

http://packetstormsecurity.com/files/173656/Online-Piggery-Management-System-1.0-Shell-Upload.html
Exploit
Third Party Advisory
VDB Entry
https://github.com/1337kid/Piggery_CMS_multiple_vulns_PoC/tree/main/CVE-2023-37629
Exploit
Third Party Advisory
https://www.sourcecodester.com/php/11814/online-pig-management-system-basic-free-version.html
Product
http://packetstormsecurity.com/files/173656/Online-Piggery-Management-System-1.0-Shell-Upload.html
Exploit
Third Party Advisory
VDB Entry
https://github.com/1337kid/Piggery_CMS_multiple_vulns_PoC/tree/main/CVE-2023-37629
Exploit
Third Party Advisory
https://www.sourcecodester.com/php/11814/online-pig-management-system-basic-free-version.html
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simple_online_piggery_management_system_project:simple_online_piggery_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.87148

Высокий

9.8 Critical

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-w773-x35x-fhrw