Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/23 4:16 a.m.8 views

CVE-2023-48217

Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fiel...

8.8CVSS6.9AI score0.01104EPSS
Exploits0
nvd
nvd
added 2023/11/14 10:15 p.m.34 views

CVE-2023-48217

Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fiel...

8.8CVSS0.01104EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2023/11/14 9:38 p.m.12 views

CVE-2023-48217 Remote code execution via form uploads in statamic/cms

Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fiel...

8.8CVSS6.9AI score0.01104EPSS
Exploits0References2
cvelist
cvelist
added 2023/11/14 9:38 p.m.34 views

CVE-2023-48217 Remote code execution via form uploads in statamic/cms

Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fiel...

8.8CVSS9AI score0.01104EPSS
Exploits0References2
cve
cve
added 2023/11/14 9:38 p.m.169 views

CVE-2023-48217

Statamic CMS vulnerability CVE-2023-48217 affects forms and asset upload fields where additional PHP files crafted to look like images could bypass mime-type validation, enabling potential code execution. Impact is tied to affected versions before patch: 3.4.14 and 4.34.0. Remediation is to upgra...

8.8CVSS8.7AI score0.01104EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder