Lucene search
K

4 matches found

Circl
Circl
added 2024/01/01 6:51 a.m.7 views

CVE-2023-6120

creationtimestamp| type| source ---|---|--- 2024-01-01 06:51:31+00:00| seen| https://t.me/ctinow/161204...

4.1CVSS6.1AI score0.00458EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/12/11 12:0 a.m.19 views

WordPress Welcart e-Commerce Plugin <= 2.9.6 is vulnerable to Path Traversal

Software Welcart e-Commerce Type Plugin Vulnerable versions = 2.9.6 Fixed in 2.9.7 OWASP Top 10 A5: Security Misconfiguration Classification Path Traversal CVE CVE-2023-6120 Patch priority Medium CVSS severity Medium 4.1 Developer Claim ownership PSID 545792f26683 Credits Marco Wotschka Required...

4.1CVSS6.4AI score0.00458EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/12/09 7:15 a.m.19 views

CVE-2023-6120

The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.6 via the uploadcertificatefile function. This makes it possible for administrators to upload .pem or .crt files to arbitrary locations on the server...

4.1CVSS0.00458EPSS
Exploits0References3
CVE
CVE
added 2023/12/09 6:52 a.m.71 views

CVE-2023-6120

CVE-2023-6120 (Welcart e-Commerce, WordPress) is a directory-traversal vulnerability in the plugin’s upload_certificate_file function, affecting all versions up to and including 2.9.6. An authenticated administrator can upload .pem or .crt files to arbitrary server locations, enabling potential f...

4.1CVSS4.3AI score0.00458EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder