A vulnerability was found in UCMS 1.6 and classified as critical. This issue affects some unknown processing of the file sadmin/fileedit.php of the component System File Management Module. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-222683.
References
Link | Resource |
---|---|
https://github.com/yztale/taley/blob/main/README.md | Broken Link |
https://vuldb.com/?ctiid.222683 | Permissions Required Third Party Advisory VDB Entry |
https://vuldb.com/?id.222683 | Third Party Advisory VDB Entry |
https://github.com/yztale/taley/blob/main/README.md | Broken Link |
https://vuldb.com/?ctiid.222683 | Permissions Required Third Party Advisory VDB Entry |
https://vuldb.com/?id.222683 | Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 07:38
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/yztale/taley/blob/main/README.md - Broken Link | |
References | () https://vuldb.com/?ctiid.222683 - Permissions Required, Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?id.222683 - Third Party Advisory, VDB Entry | |
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 6.3 |
Information
Published : 2023-03-09 22:15
Updated : 2024-11-21 07:38
NVD link : CVE-2023-1303
Mitre link : CVE-2023-1303
CVE.ORG link : CVE-2023-1303
JSON object : View
Products Affected
ucms_project
- ucms
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type