Lucene search
K

48 matches found

OSV
OSV
added 2023/08/21 5:15 p.m.31 views

CVE-2023-38836

File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks...

8.8CVSS8.1AI score
Exploits0References3
NVD
NVD
added 2023/08/21 5:15 p.m.48 views

CVE-2023-38836

File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks...

8.8CVSS8.8AI score0.73027EPSS
Exploits8References3
CNNVD
CNNVD
added 2023/08/21 12:0 a.m.5 views

BoidCMS 代码问题漏洞

BoidCMS is a free open source flat file CMS for building simple websites and blogs, developed in PHP and using JSON as the database. A code issue vulnerability exists in BoidCMS version v.2.0.0, which originates from a vulnerability that allows remote attackers to execute arbitrary code via the G...

8.8CVSS8.6AI score0.73027EPSS
Exploits8References6
Vulnrichment
Vulnrichment
added 2023/08/21 12:0 a.m.16 views

CVE-2023-38836

File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks...

7.7AI score0.73027EPSS
Exploits8References2
CVE
CVE
added 2023/08/21 12:0 a.m.164 views

CVE-2023-38836

CVE-2023-38836 — BoidCMS 2.0.0 (and below) suffers an authenticated file-upload vulnerability that allows a malicious user to upload a PHP file disguised as media with a GIF header, bypassing MIME type checks and leading to remote code execution. Public references (Metasploit module, PacketStorm/...

8.8CVSS8.8AI score0.73027EPSS
Exploits8References3Affected Software1
Cvelist
Cvelist
added 2023/08/21 12:0 a.m.59 views

CVE-2023-38836

File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks...

9.1AI score0.73027EPSS
Exploits8References2
GithubExploit
GithubExploit
added 2023/08/16 2:30 p.m.611 views

Exploit for Unrestricted Upload of File with Dangerous Type in Boidcms

CVE-2023-38836 Exploit File Upload vulnerability in BoidCMS v...

8.8CVSS8.6AI score0.73027EPSS
Exploits8
Positive Technologies
Positive Technologies
added 2023/08/16 12:0 a.m.6 views

PT-2023-26619 · Boidcms · Boidcms

Name of the Vulnerable Software and Affected Versions: BoidCMS version 2.0.0 Description: A remote attacker can execute arbitrary code by exploiting a file upload vulnerability in BoidCMS. This is achieved by adding a GIF header to bypass MIME type checks, allowing the attacker to execute code vi...

8.8CVSS8.9AI score0.73027EPSS
Exploits8References13
Rows per page
Query Builder