CVE-2023-5636

EPSS 1.68%
Veröffentlicht 01.12.2023 14:15:08
Zuletzt bearbeitet 20.05.2026 16:16:22
Quelle iletisim@usom.gov.tr
CVE-Watchlists
Login
Unerledigt
Login

Malicious File Upload in ArslanSoft's Education Portal

Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command Injection.

This issue affects Education Portal: before v1.1.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Arslansoft Education Portal Project ≫ Arslansoft Education Portal Version < 1.1

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.68%	0.739

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
iletisim@usom.gov.tr	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://www.usom.gov.tr/bildirim/tr-23-0670

Third Party Advisory

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0670

https://nvd.nist.gov/vuln/detail/CVE-2023-5636

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-5636

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-5636

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-5636