1 results (0.003 seconds)
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2023-39147 – Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated)
https://notcve.org/view.php?id=CVE-2023-39147
An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted image file. Una vulnerabilidad de carga de archivos arbitrarios en Uvdesk 1.1.3 permite a los atacantes ejecutar código arbitrario mediante la carga de un archivo de imagen manipulado. Uvdesk version 1.1.3 suffers from a remote shell upload vulnerability. • https://www.exploit-db.com/exploits/51639 http://packetstormsecurity.com/files/173878/Uvdesk-1.1.3-Shell-Upload.html https://docs.google.com/document/d/1uv9DjHmKuDxZIjNhWX05EsxHEp8fGalXB7XK-QSyr_0/edit?usp=sharing • CWE-434: Unrestricted Upload of File with Dangerous Type •