CVE-2023-31857 β€” Unrestricted File Upload in Online Computer AND Laptop Store

CWE-434 β€” Unrestricted File Upload3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
1.5%
top 19.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oretnom23 Online Computer AND Laptop Store
Timeline
PublishedMay 16

Description

Sourcecodester Online Computer and Laptop Store 1.0 allows unrestricted file upload and can lead to remote code execution. The vulnerability path is /classes/Users.php?f=save.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

πŸ”΄Vulnerability Details

2
CVEList
CVE-2023-31857: Sourcecodester Online Computer and Laptop Store 1β†—2023-05-16
β–Ά
GHSA
GHSA-7w46-x28p-cmr7: Sourcecodester Online Computer and Laptop Store 1β†—2023-05-16
β–Ά
CVE-2023-31857 β€” Unrestricted File Upload | cvebase