CVE-2023-47253
published 2023-11-06

Priority P1 · 87 · critical · 9.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
Tags: ITW · EXPLOIT · VulnCheck KEV · Initial access
Exploited in the wild
EPSS: 14.42% (96.2nd percentile)
Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter.

Affected

1 range

Vendor    Product   Version range   Fixed in
qualitor  qualitor  <= 8.20

Detection & IOCs (extracted from sources)

path: /html/ad/adpesquisasql/request/processVariavel.php
url: /html/ad/adpesquisasql/request/processVariavel.php?gridValoresPopHidden=echo%20system("ipconfig");
command: gridValoresPopHidden=echo%20system("ipconfig");
  • Look for GET requests targeting /html/ad/adpesquisasql/request/processVariavel.php with a non-empty or PHP-containing gridValoresPopHidden parameter; this is the sole injection vector for CVE-2023-47253.
  • The exploit requires no authentication (PR:N, UI:N per CVSS), so any unauthenticated request to the vulnerable endpoint with a PHP payload in gridValoresPopHidden should be treated as an active exploitation attempt.
  • The PoC command used in the Nuclei template targets Windows hosts (ipconfig / DNS output); detection logic that checks for Windows-specific command output will miss exploitation attempts against Linux-hosted Qualitor instances.
  • Affected versions are Qualitor through 8.20 (CPE cpe:2.3:a:qualitor:qalitor:*); version 8.21+ is remediated, so scope detection rules to assets running <= 8.20.
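A request-side check implementing the bullets above: it matches on the path and the gridValoresPopHidden value rather than on command output, so it is not tied to Windows-hosted targets. This is an added example, not code from the source or from Qualitor; the combined-log regex, the PHP-shape regex and the sample log lines are constructed.

```python
import re
from typing import Optional
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint and parameter named in the advisory (the sole injection vector).
VULN_PATH = "/html/ad/adpesquisasql/request/processVariavel.php"
VULN_PARAM = "gridValoresPopHidden"

# Combined-log-format request line (regex constructed for this example).
LOG_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] '
                    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# PHP shapes as in the PoC, matched on the request rather than the response,
# so detection does not depend on Windows-specific (ipconfig) output.
PHP_RE = re.compile(r"<\?php|\b(system|exec|shell_exec|passthru|eval)\s*\(", re.I)

def inspect_request(target: str) -> Optional[dict]:
    """Flag the vulnerable endpoint with a non-empty gridValoresPopHidden."""
    parts = urlsplit(target)
    path = re.sub(r"/+", "/", unquote(parts.path))  # collapse // and %2F
    if not path.endswith(VULN_PATH):
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get(VULN_PARAM)
    if not values or not values[0]:
        return None
    payload = unquote(values[0])  # second decode catches double-encoding
    php_like = bool(PHP_RE.search(payload))
    return {"path": path, "payload": payload, "php_like": php_like,
            "severity": "high" if php_like else "medium"}

def scan_log(lines):
    """Apply inspect_request to access-log lines; any HTTP verb counts."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and (f := inspect_request(m.group("target"))):
            f.update(src=m.group("src"), method=m.group("method"),
                     status=int(m.group("status")))
            findings.append(f)
    return findings

# Constructed sample lines (not from a real incident); the PoC's quotes are
# percent-encoded as %22 so the logged request line stays parseable.
SAMPLE_LOG = [
    '203.0.113.10 - - [06/Nov/2023:10:00:01 +0000] "GET ' + VULN_PATH +
    '?gridValoresPopHidden=echo%20system(%22ipconfig%22); HTTP/1.1" 200 512',
    '198.51.100.7 - - [06/Nov/2023:10:00:02 +0000] "GET ' + VULN_PATH +
    '?gridValoresPopHidden= HTTP/1.1" 200 88',
    '198.51.100.7 - - [06/Nov/2023:10:00:03 +0000] "GET /index.php HTTP/1.1" 200 1024',
]
```

Only the first sample line is reported (severity high); the blank-parameter request and the unrelated path are ignored, and a non-PHP but non-empty value would be reported at medium.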

CVSS provenance

nvd: v3.1 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck: 9.8 CRITICAL