2 matches found
CVE-2023-25402
CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any file upload...
CVE-2023-25402
The CVE-2023-25402 entry concerns CleverStupidDog yf-exam 1.8.0. The Red Hat, NVD, and other sources confirm an unrestricted file upload vulnerability caused by no suffix/file-type validation, enabling uploading of arbitrary files. Impact stated: potential for arbitrary file upload with high inte...