Wade Digital Design Co Ltd Fantsy vulnerabilities
2 known vulnerabilities affecting wade_digital_design_co_ltd/fantsy.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2023-28698P2CRITICALCVSS 9.8v2.1.82023-06-02
CVE-2023-28698 [CRITICAL] CWE-863 CVE-2023-28698: Wade Graphic Design FANTSY has a vulnerability of insufficient authorization check. An unauthenticat
Wade Graphic Design FANTSY has a vulnerability of insufficient authorization check. An unauthenticated remote user can exploit this vulnerability by modifying URL parameters to gain administrator privileges to perform arbitrary system operation or disrupt service.
nvd
CVE-2023-28699P3HIGHCVSS 8.8v2.1.82023-06-02
CVE-2023-28699 [HIGH] CWE-434 CVE-2023-28699: Wade Graphic Design FANTSY has a vulnerability of insufficient filtering for file type in its file u
Wade Graphic Design FANTSY has a vulnerability of insufficient filtering for file type in its file update function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload a PHP file containing a webshell to perform arbitrary system operation or disrupt service.
nvd