CVE-2023-38947

Exploit

EPSS 0.16%
Veröffentlicht 03.08.2023 16:15:12
Zuletzt bearbeitet 21.11.2024 08:14:30
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Wbce ≫ Wbce Cms Version1.6.1 Update-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.16%	0.371

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

CWE-616 Incomplete Identification of Uploaded File Variables (PHP)

The PHP application uses an old method for processing uploaded files by referencing the four global variables that are set for each file (e.g. $varname, $varname_size, $varname_name, $varname_type). These variables could be overwritten by attackers, causing the application to process unauthorized files.

https://gitee.com/CTF-hacker/pwn/issues/I7LH2N

Third Party Advisory

Exploit

Issue Tracking

https://github.com/capture0x/WBCE_CMS

https://packetstormsecurity.com/files/176018/WBCE-CMS-1.6.1-Shell-Upload.html

https://nvd.nist.gov/vuln/detail/CVE-2023-38947

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-38947

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-38947

EUVD