A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 ( and previous versions via the bot_avatar parameter in SystemSettings.php.
References
Link | Resource |
---|---|
https://cxsecurity.com/issue/WLB-2022010093 | Exploit Issue Tracking Third Party Advisory |
https://www.exploit-db.com/exploits/50672 | Exploit Third Party Advisory VDB Entry |
https://cxsecurity.com/issue/WLB-2022010093 | Exploit Issue Tracking Third Party Advisory |
https://www.exploit-db.com/exploits/50672 | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:34
Type | Values Removed | Values Added |
---|---|---|
References | () https://cxsecurity.com/issue/WLB-2022010093 - Exploit, Issue Tracking, Third Party Advisory | |
References | () https://www.exploit-db.com/exploits/50672 - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2022-01-27 19:15
Updated : 2024-11-21 06:34
NVD link : CVE-2021-46428
Mitre link : CVE-2021-46428
CVE.ORG link : CVE-2021-46428
JSON object : View
Products Affected
simple_chatbot_application_project
- simple_chatbot_application
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type