exploitDog

CVE-2023-43835

Опубликовано: 02 окт. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that could lead to Remote Code Execution when settings overwrite config.inc.php content.

Ссылки

https://packetstormsecurity.com/files/174756/Super-Store-Finder-3.7-Remote-Command-Execution.html
Exploit
Third Party Advisory
VDB Entry
https://packetstormsecurity.com/files/174756/Super-Store-Finder-3.7-Remote-Command-Execution.html
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:superstorefinder:super_store_finder:*:*:*:*:*:-:*:*

Версия до 3.7 (включая)

EPSS

Процентиль: 87%

0.03503

Низкий

8.8 High

CVSS3

Дефекты

CWE-74

CWE-74

Связанные уязвимости

GHSA-xcpp-x9cj-chq9

CVSS3: 8.8

github

больше 2 лет назад

Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that could lead to Remote Code Execution when settings overwrite config.inc.php content.

EPSS

Процентиль: 87%

0.03503

Низкий

8.8 High

CVSS3

Дефекты

CWE-74

CWE-74