Lucene search
China National Vulnerability DatabaseCNVD-2023-29396HistoryApr 07, 2023 - 12:00 a.m.
Online Computer and Laptop Store Arbitrary File Upload Vulnerability
2023-04-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
online computer and laptop store
arbitrary file upload
vulnerability
lack of validation
remote code execution
php-ocls.
EPSS
0.01
Percentile
84.0%
Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero’s personal developer. Online Computer and Laptop Store v1.0 is vulnerable to arbitrary file uploads. The vulnerability stems from a lack of validation of uploaded files in the php-ocls\admin\system_info\index.php parameter img, which could be exploited to upload malicious files and remotely execute arbitrary code remotely.
Related
nvd
nvd
CVE-2023-1826
2023-04-04 09:15:07
exploitdb
exploitdb
Online Computer and Laptop Store 1.0 - Remote Code Execution (RCE)
2023-04-10 00:00:00
zdt
zdt
Online Computer and Laptop Store 1.0 - Remote Code Execution Exploit
2023-04-10 00:00:00
packetstorm
packetstorm
Online Computer And Laptop Store 1.0 Shell Upload
2023-04-10 00:00:00
cvelist
cvelist
cve
cve
CVE-2023-1826
2023-04-04 09:15:07
prion
prion
Design/Logic Flaw
2023-04-04 09:15:00