CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability, which was classified as critical, was found in gopeak MasterLab up to 3.3.10. Affected is the function base64ImageContent of the file app/ctrl/User.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. VDB-249150 i...

9.8CVSS7AI score0.00165EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:30 a.m.•2 views

CVE-2023-7146

A vulnerability, which was classified as critical, has been found in gopeak MasterLab up to 3.3.10. This issue affects the function sqlInjectDelete of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument phone leads to sql injection...

9.8CVSS7.4AI score0.00111EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:14 p.m.•3 views

CVE-2020-23534

A server-side request forgery SSRF vulnerability in Upgrade.php of gopeak masterlab 2.1.5, via the 'source' parameter...

9.8CVSS7AI score0.00316EPSS

Exploits1

NVD•added 2023/12/29 7:15 a.m.•12 views

CVE-2023-7159

A vulnerability was found in gopeak MasterLab up to 3.3.10. It has been declared as critical. Affected by this vulnerability is the function add/update of the file app/ctrl/admin/User.php. The manipulation of the argument avatar leads to unrestricted upload. The attack can be launched remotely. T...

9.8CVSS0.00111EPSS

Exploits0References4

OSV•added 2023/12/29 7:15 a.m.•4 views

CVE-2023-7159

9.8CVSS6.9AI score

Exploits0References4

Prion•added 2023/12/29 7:15 a.m.•14 views

Out-of-bounds

5.8CVSS7.2AI score0.00111EPSS

Exploits0References4Affected Software1

CVE•added 2023/12/29 7:0 a.m.•50 views

CVE-2023-7159

CVE-2023-7159 affects gopeak MasterLab up to version 3.3.10. The vulnerability lies in the function add/update in app/ctrl/admin/User.php where manipulating the avatar argument enables unrestricted file upload. Exploitation can be remote and public disclosures exist. Components: affected software...

9.8CVSS7.1AI score0.00111EPSS

Exploits0References4Affected Software1

Cvelist•added 2023/12/29 7:0 a.m.•17 views

CVE-2023-7159 gopeak MasterLab User.php update unrestricted upload

5.8CVSS9.7AI score0.00111EPSS

Exploits0References4

NVD•added 2023/12/29 3:15 a.m.•8 views

CVE-2023-7147

9.8CVSS0.00165EPSS

Exploits0References3

OSV•added 2023/12/29 3:15 a.m.•4 views

CVE-2023-7147

9.8CVSS6.9AI score

Exploits0References3

Prion•added 2023/12/29 3:15 a.m.•13 views

Design/Logic Flaw

6.5CVSS7.2AI score0.00165EPSS

Exploits0References3Affected Software1

CVE•added 2023/12/29 2:31 a.m.•53 views

CVE-2023-7147

CVE-2023-7147 affects gopeak MasterLab up to 3.3.10. The vulnerability is in the function base64ImageContent in app/ctrl/User.php; manipulation of the image argument allows unrestricted file upload and can be triggered remotely. No exploit details are provided in the documents. Remediation/status...

9.8CVSS8AI score0.00165EPSS

Exploits0References3Affected Software1

OSV•added 2023/12/29 2:15 a.m.•3 views

CVE-2023-7145

A vulnerability classified as critical was found in gopeak MasterLab up to 3.3.10. This vulnerability affects the function sqlInject of the file app/ctrl/Framework.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...

9.8CVSS7.4AI score

Exploits0References3

NVD•added 2023/12/29 2:15 a.m.•8 views

CVE-2023-7146

9.8CVSS0.00111EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by