Lucene search
HistoryApr 28, 2023 - 10:15 p.m.
CVE-2023-24269
cve-2023-24269
textpattern
file upload vulnerability
arbitrary code execution
zip
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.0%
An arbitrary file upload vulnerability in the plugin upload function of Textpattern v4.8.8 allows attackers to execute arbitrary code via a crafted Zip file.
Affected configurations
Node
textpatterntextpatternMatch4.8.8-
| CPE | Name | Operator | Version |
|---|---|---|---|
| textpattern:textpattern | textpattern | eq | 4.8.8 |
Related
osv
osv
CVE-2023-24269
2023-04-28 22:15:08
nvd
nvd
CVE-2023-24269
2023-04-28 22:15:08
cvelist
cvelist
CVE-2023-24269
2023-04-28 00:00:00
prion
prion
Design/Logic Flaw
2023-04-28 22:15:00
openvas
openvas
Textpattern CMS <= 4.8.8 Multiple Arbitrary File Upload Vulnerabilities
2023-04-17 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.0%
Related for CVE-2023-24269