A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 ( and previous versions via the bot_avatar parameter in SystemSettings.php.
References
Link | Resource |
---|---|
https://cxsecurity.com/issue/WLB-2022010093 | Exploit Issue Tracking Third Party Advisory |
https://www.exploit-db.com/exploits/50672 | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2022-01-27 19:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-46428
Mitre link : CVE-2021-46428
CVE.ORG link : CVE-2021-46428
JSON object : View
Products Affected
simple_chatbot_application_project
- simple_chatbot_application
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type