Lucene search
GoogleOSV:CVE-2023-38836HistoryAug 21, 2023 - 5:15 p.m.
CVE-2023-38836
2023-08-2117:15:47
Google
osv.dev
12
cve-2023-38836
file upload
remote code execution
mime type check bypass
boidcms
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
Low
0.673 Medium
EPSS
Percentile
98.0%
File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks.
Related
cve
cve
CVE-2023-38836
2023-08-21 17:15:47
zdt
zdt
BoidCMS v2.0.0 - authenticated file upload Exploit
2023-10-09 00:00:00
BoidCMS 2.0.0 Command Injection Exploit
2024-03-02 00:00:00
metasploit
metasploit
BoidCMS Command Injection
2024-02-12 23:44:24
cvelist
cvelist
CVE-2023-38836
2023-08-21 00:00:00
githubexploit
githubexploit
Exploit for Unrestricted Upload of File with Dangerous Type in Boidcms
2023-08-16 14:30:30
nvd
nvd
CVE-2023-38836
2023-08-21 17:15:47
prion
prion
Unrestricted file upload
2023-08-21 17:15:00
packetstorm
packetstorm
BoidCMS 2.0.0 Shell Upload
2023-10-10 00:00:00
BoidCMS 2.0.0 Command Injection
2024-03-01 00:00:00
exploitdb
exploitdb
BoidCMS v2.0.0 - authenticated file upload vulnerability
2023-10-09 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up 03/08/2024
2024-03-08 17:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
Low
0.673 Medium
EPSS
Percentile
98.0%
Related for OSV:CVE-2023-38836