Lucene search
HistoryAug 01, 2023 - 6:15 p.m.
CVE-2023-39147
cve-2023-39147
uvdesk
arbitrary file upload
vulnerability
code execution
nvd
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
21.1%
An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted image file.
Affected configurations
Node
webkuluvdeskMatch1.1.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| webkul:uvdesk | webkul uvdesk | eq | 1.1.3 |
Related
cvelist
cvelist
CVE-2023-39147
2023-08-01 00:00:00
packetstorm
packetstorm
Uvdesk 1.1.3 Shell Upload
2023-08-01 00:00:00
zdt
zdt
Uvdesk v1.1.3 - File Upload Remote Code Execution (Authenticated) Exploit
2023-07-31 00:00:00
nvd
nvd
CVE-2023-39147
2023-08-01 18:15:10
prion
prion
Design/Logic Flaw
2023-08-01 18:15:00
exploitdb
exploitdb
Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated)
2023-07-31 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
21.1%
Related for CVE-2023-39147