CVE-2023-44061

File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to execute arbitrary code via the upload function in the edit profile component.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:simple_and_nice_shopping_cart_script_project:simple_and_nice_shopping_cart_script:1.0:*:*:*:*:*:*:*

History

10 Oct 2023, 17:22

Type Values Removed Values Added
CPE cpe:2.3:a:simple_and_nice_shopping_cart_script_project:simple_and_nice_shopping_cart_script:1.0:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8
References (MISC) https://github.com/soundarkutty/File-upload-Restriction-bypass/blob/main/poc.md - (MISC) https://github.com/soundarkutty/File-upload-Restriction-bypass/blob/main/poc.md - Exploit, Third Party Advisory
First Time Simple And Nice Shopping Cart Script Project simple And Nice Shopping Cart Script
Simple And Nice Shopping Cart Script Project
CWE CWE-434

06 Oct 2023, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-06 23:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-44061

Mitre link : CVE-2023-44061

CVE.ORG link : CVE-2023-44061


JSON object : View

Products Affected

simple_and_nice_shopping_cart_script_project

  • simple_and_nice_shopping_cart_script
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type