CVE-2023-53869
WEBIGniter 28.7.23 Unrestricted File Upload Remote Code Execution
WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
WebIGniter · WebIGniterWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →