3 matches found
CVE-2023-38874
creationtimestamp| type| source ---|---|--- 2023-09-28 07:49:40+00:00| seen| https://t.me/cibsecurity/71173...
CVE-2023-38874
A remote code execution RCE vulnerability via an insecure file upload exists in gugoan's Economizzer v.0.9-beta1 and commit 3730880 April 2023. A malicious attacker can upload a PHP web shell as an attachment when adding a new cash book entry. Afterwards, the attacker may visit the web shell and...
CVE-2023-38874
CVE-2023-38874 affects Economizzer v0.9-beta1. The vulnerability is an insecure file upload that lets an attacker upload a PHP web shell as an attachment when adding a new cash book entry, then access the shell to execute arbitrary commands. This results in remote code execution (RCE) with high i...