CVE-2020-23828

{"id": "CVE-2020-23828", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2020-09-15T22:15:13.317", "references": [{"url": "https://www.exploit-db.com/exploits/48704", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://www.sourcecodester.com/php/14251/online-course-registration.html", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters. An attack uses /Online%20Course%20Registration/my-profile.php with the POST parameter photo."}, {"lang": "es", "value": "Una vulnerabilidad de Carga de Archivos en SourceCodester Online Course Registration versi\u00f3n v1.0, permite a atacantes remotos alcanzar una Ejecuci\u00f3n de C\u00f3digo Remota (RCE) en el servidor web de alojamiento mediante la carga de un shell web PHP dise\u00f1ado que omite los filtros de carga de im\u00e1genes. Un ataque utiliza el archivo /Online%20Course%20Registration/my-profile.php con el par\u00e1metro POST photo"}], "lastModified": "2020-09-21T14:14:07.067", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:online_course_registration_project:online_course_registration:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "548C546F-53C6-45B2-B9ED-D573B83C1E22"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}