Vulnerability CVE-2023-39147
Published: 2023-08-01

Description:
An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted image file.

See advisories in our WLB2 database:
Topic
Author
Date
High
Uvdesk 1.1.3 Shell Upload
Daniel Barros
01.08.2023

Type:

CWE-264

 (Permissions, Privileges, and Access Controls)

 References:
https://docs.google.com/document/d/1uv9DjHmKuDxZIjNhWX05EsxHEp8fGalXB7XK-QSyr_0/edit?usp=sharing
Copyright 2024, cxsecurity.com

 

Back to Top