2 matches found
CVE-2023-7159
A vulnerability was found in gopeak MasterLab up to 3.3.10. It has been declared as critical. Affected by this vulnerability is the function add/update of the file app/ctrl/admin/User.php. The manipulation of the argument avatar leads to unrestricted upload. The attack can be launched remotely. T...
CVE-2023-7159
CVE-2023-7159 affects gopeak MasterLab up to version 3.3.10. The vulnerability lies in the function add/update in app/ctrl/admin/User.php where manipulating the avatar argument enables unrestricted file upload. Exploitation can be remote and public disclosures exist. Components: affected software...