EUVD-2023-23732

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Critical vulnerability in xzjie cms up to 1.0.3 causes unrestricted file upload remotely via /api/upload.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2023-1484	18 Mar 202313:32	–	circl
CNNVD	xzjie cms 代码问题漏洞	18 Mar 202300:00	–	cnnvd
CVE	CVE-2023-1484	18 Mar 202310:00	–	cve
Cvelist	CVE-2023-1484 xzjie cms upload unrestricted upload	18 Mar 202310:00	–	cvelist
NVD	CVE-2023-1484	18 Mar 202310:15	–	nvd
OSV	CVE-2023-1484	18 Mar 202310:15	–	osv
Prion	Design/Logic Flaw	18 Mar 202310:15	–	prion
Positive Technologies	PT-2023-17021 · Xzjie Cms · Xzjie Cms	18 Mar 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-1484	23 May 202502:59	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "f5d4a0e9-90c7-3442-9530-954b4660f8c6",
        "vendor": {
          "name": "xzjie"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2cf43c24-c294-39f4-9695-adfe635b06f3",
        "product": {
          "name": "CMS"
        },
        "product_version": "1.0.0"
      },
      {
        "id": "8607bb44-515e-37d6-a219-addb5c427374",
        "product": {
          "name": "CMS"
        },
        "product_version": "1.0.3"
      },
      {
        "id": "bed177eb-0721-3d9e-b934-dcd15865ea04",
        "product": {
          "name": "CMS"
        },
        "product_version": "1.0.2"
      },
      {
        "id": "e28e3137-818c-3137-9425-3ffe90f90dc0",
        "product": {
          "name": "CMS"
        },
        "product_version": "1.0.1"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
gitee	www.gitee.com/xzjie/cms/issues/I6INIT

03 Oct 2025 20:07Current

7High risk

Vulners AI Score7

CVSS 3.16.3 - 9.8

CVSS 26.5

CVSS 36.3

EPSS0.00615