CVE-2023-2712

Severity CVSS v4.0:
Pending analysis
Type:
CWE-434 Unrestricted Upload of File with Dangerous Type
Publication date:
20/05/2023
Last modified:
02/08/2023

Description

Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft&amp;#39;s E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server.This issue affects Rental Module: before 23.05.15.<br /> <br />

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:rental_module_project:rental_module:*:*:*:*:*:*:*:* 23.05.15 (excluding)


References to Advisories, Solutions, and Tools