CVE-2023-7150 – Campcodes Chic Beauty Salon Product product-list.php unrestricted upload

https://notcve.org/view.php?id=CVE-2023-7150

A vulnerability classified as critical was found in Campcodes Chic Beauty Salon 20230703. Affected by this vulnerability is an unknown functionality of the file product-list.php of the component Product Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/laoquanshi/-Arbitrary-file-upload-vulnerability- https://github.com/laoquanshi/Chic-Vulnerability- https://vuldb.com/?ctiid.249157 https://vuldb.com/?id.249157 • CWE-434: Unrestricted Upload of File with Dangerous Type •