Zercurity data services
  • Expand groupSummary
  • Applications (0)
  • Packages (0)
  • System updates (0)
  • Operating systems (0)

CVE-2023-1484

Description
A vulnerability was found in xzjie cms up to 1.0.3 and classified as critical. This issue affects some unknown processing of the file /api/upload. The manipulation of the argument uploadFile leads to unrestricted upload. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-223367.
  • Risk: 10
CVSSv3
    CVSSv2

      Raw Object

      {
  "uuid": "15172e0d-575c-7346-105a-44026d7a565e",
  "name": "CVE-2023-1484",
  "description": "A vulnerability was found in xzjie cms up to 1.0.3 and classified as critical. This issue affects some unknown processing of the file /api/upload. The manipulation of the argument uploadFile leads to unrestricted upload. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-223367.",
  "cvss": null,
  "score": 0,
  "severity": "NONE",
  "cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "score3": 9.8,
  "severity3": "CRITICAL",
  "applications": [],
  "packages": [],
  "updates": [],
  "os": [],
  "risk": 10,
  "created_at": "2023-03-18T10:15:00+00:00",
  "updated_at": "2023-03-24T18:30:00+00:00",
  "deleted_at": null
}