CVE-2023-1415
6.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Summary
A vulnerability was found in Simple Art Gallery 1.0. It has been declared as critical. This vulnerability affects the function sliderPicSubmit of the file adminHome.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-223126 is the identifier assigned to this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Simple Art Gallery | 1.0 | affected |
Weaknesses
- CWE-434: CWE-434 Unrestricted Upload
ADP Enrichment
CVE Program Container
Additional References
- https://vuldb.com/?id.223126
- https://vuldb.com/?ctiid.223126
- https://github.com/0xxtoby/Vuldb/blob/main/SIMPLE%20ART%20GALLERY%20system%20has%20a%20file%20upload%20(RCE)%20vulnerability.pdf
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://vuldb.com/?id.223126
- https://vuldb.com/?ctiid.223126
- https://github.com/0xxtoby/Vuldb/blob/main/SIMPLE%20ART%20GALLERY%20system%20has%20a%20file%20upload%20(RCE)%20vulnerability.pdf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.