CyberSec.Space Logo
返回 CVE 浏览器

CVE-2023-2712

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0560%
EPSS Percentile10.74th
Published2023年5月20日
Last Modified2026年5月22日

Vulnerability Description

Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server. This issue affects Rental Module: before 23.05.15.

Affected Platforms (CPE)

📦
Rental Module Project

Rental Module

< 23.05.15

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0276
🔗 https://www.usom.gov.tr/bildirim/tr-23-0276
🔗 https://www.usom.gov.tr/bildirim/tr-23-0276

相关漏洞威胁

CVE-2023-27139.8

Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-comme...

CVE-2012-43246.8

Cross-site request forgery (CSRF) vulnerability in PHPJabbers Vacation Rental Script allows remote attackers to hijack the authent...

CVE-2021-257905.4

Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allow...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...