2 matches found
CVE-2023-26817
CVE-2023-26817 concerns CodeFever before 2023.2.7-commit-b1c2e7f, with a remote code execution flaw in the component /controllers/api/user.php. Multiple connected sources corroborate the RCE in this version range and cite a high impact (CVSS 3.1: 8.8, HIGH) with NETWORK attack vector and LOW priv...
CVE-2023-44080
CVE-2023-44080 concerns PGYER Codefever v.2023.8.14-2ce4006. A remote attacker can execute arbitrary code by sending a crafted request to the branchList component. The vulnerability is a remote code execution issue with critical impact (CVSS 3.1: High confidentiality, integrity, availability; net...