CVE-2023-2523 – Weaver E-Office unrestricted upload

https://notcve.org/view.php?id=CVE-2023-2523

04 May 2023 — A vulnerability was found in Weaver E-Office 9.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file App/Ajax/ajax.php?action=mobile_upload_save. The manipulation of the argument upload_quwan leads to unrestricted upload. • https://github.com/Any3ite/CVE-2023-2523 • CWE-434: Unrestricted Upload of File with Dangerous Type •