In Wcms 0.3.2, an attacker can send a crafted request from a vulnerable web application backend server /wcms/wex/html.php via the finish parameter and the textAreaCode parameter. It can write arbitrary strings into custom file names and upload any files, and write malicious code to execute scripts to trigger command execution.
References
Link | Resource |
---|---|
https://github.com/vedees/wcms/issues/15 | Exploit Issue Tracking |
https://github.com/vedees/wcms/issues/15 | Exploit Issue Tracking |
Configurations
History
21 Nov 2024, 08:02
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/vedees/wcms/issues/15 - Exploit, Issue Tracking |
27 May 2023, 02:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:wcms:wcms:0.3.2:*:*:*:*:*:*:* | |
First Time |
Wcms
Wcms wcms |
|
References | (MISC) https://github.com/vedees/wcms/issues/15 - Exploit, Issue Tracking | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CWE | CWE-434 |
Information
Published : 2023-05-22 20:15
Updated : 2024-11-21 08:02
NVD link : CVE-2023-31689
Mitre link : CVE-2023-31689
CVE.ORG link : CVE-2023-31689
JSON object : View
Products Affected
wcms
- wcms
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type