← back
CVE-2023-5795

CodeAstro POS System Profile Picture profil unrestricted upload

CVSS 6.3 MEDIUMEPSS 0.8%CWE-434
A vulnerability was found in CodeAstro POS System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profil of the component Profile Picture Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-243601 was assigned to this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Affected products
CodeAstro · POS System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://drive.google.com/file/d/1bjDpJdG28Q5-RGJB89Dzw6YzZ1VHN23X/view?usp=sharinghttps://vuldb.com/?ctiid.243601https://vuldb.com/?id.243601