10 matches found

RedhatCVE
added 2025/05/23 2:6 a.m. · 8 views

CVE-2023-47621

Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This vulnerability is fix...

CVSS 8.8 · AI score 7.1 · EPSS 0.01022
Exploits 0 · References 1

Veracode
added 2023/11/15 8:7 a.m. · 13 views

Remote Code Execution (RCE)

guest-entries is vulnerable to Remote Code Execution (RCE). The vulnerability is due to the uploadFile function in GuestEntryController.php, as there are no checks for the file type being uploaded. This allows attackers to upload and potentially execute malicious PHP files...

CVSS 8.8 · AI score 8.1 · EPSS 0.01022
Exploits 0 · References 3 · Affected Software 2

OSV
added 2023/11/14 6:48 p.m. · 22 views

GHSA-RW82-MHMX-GRMJ Guest Entries Remote code execution via file uploads

Impact: When using the file uploads feature, it was possible to upload PHP files. Patches: The vulnerability is fixed in v3.1.2...

CVSS 8.8 · AI score 8.6 · EPSS 0.01022
Exploits 0 · References 4

NVD
added 2023/11/13 8:15 p.m. · 22 views

CVE-2023-47621

Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This vulnerability is fix...

CVSS 8.8 · EPSS 0.01022
Exploits 0 · References 2

Prion
added 2023/11/13 8:15 p.m. · 21 views

Design/Logic Flaw

Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This vulnerability is fix...

CVSS 6.5 · AI score 7.4 · EPSS 0.01022
Exploits 0 · References 2 · Affected Software 1

Vulnrichment
added 2023/11/13 8:2 p.m. · 11 views

CVE-2023-47621 Remote code execution via file uploads in guest-entries

Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This vulnerability is fix...

CVSS 8.8 · AI score 7.1 · EPSS 0.01022
Exploits 0 · References 2

CVE
added 2023/11/13 8:2 p.m. · 51 views

CVE-2023-47621

CVE-2023-47621 affects the Guest Entries PHP library. In affected versions, the file uploads feature does not validate uploaded content, allowing authenticated users to upload PHP files that may lead to remote code execution on the server. The issue is explicitly fixed in version 3.1.2; upgrading...

CVSS 8.8 · AI score 8.7 · EPSS 0.01022
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2023/11/13 8:2 p.m. · 24 views

CVE-2023-47621 Remote code execution via file uploads in guest-entries

Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This vulnerability is fix...

CVSS 8.8 · AI score 9 · EPSS 0.01022
Exploits 0 · References 2

CNNVD
added 2023/11/13 12:0 a.m. · 6 views

Guest Entries Security Breach

Guest Entries is a web tool for website management. A security vulnerability exists in Guest Entries versions prior to 3.1.2, which stems from a file upload vulnerability. An attacker can exploit this vulnerability to execute code on the server...

CVSS 8.8 · AI score 7.4 · EPSS 0.01022
Exploits 0 · References 3

Positive Technologies
added 2023/11/13 12:0 a.m. · 5 views

PT-2023-30518 · Unknown · Guest Entries

Name of the Vulnerable Software and Affected Versions: Guest Entries versions prior to 3.1.2 Description: The file uploads feature in Guest Entries did not prevent the upload of PHP files, which may lead to code execution on the server by authenticated users. Recommendations: For versions prior t...

CVSS 8.8 · AI score 8.8 · EPSS 0.01022
Exploits 0 · References 8