CVE-2023-2712
Severity CVSS v4.0:
Pending analysis
Type:
CWE-434
Unrestricted Upload of File with Dangerous Type
Publication date:
20/05/2023
Last modified:
02/08/2023
Description
Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft&#39;s E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server.This issue affects Rental Module: before 23.05.15.<br />
<br />
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:rental_module_project:rental_module:*:*:*:*:*:*:*:* | 23.05.15 (excluding) |
To consult the complete list of CPE names with products and versions, see this page