CVE-2023-37151

Sourcecodester Online Pizza Ordering System v1.0 allows the upload of malicious PHP files resulting in Remote Code Execution (RCE).

CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

02 Aug 2023, 15:15

Type	Values Removed	Values Added
References		(MISC) https://www.chtsecurity.com/news/50227a91-34ee-4b2d-9c84-954860488202 - (MISC) https://www.chtsecurity.com/news/8b7ace7d-c5b0-42a9-99b6-8fd0814ed7be -

13 Jul 2023, 18:41

Type	Values Removed	Values Added
CWE		CWE-434
CPE		cpe:2.3:a:online_pizza_ordering_system_project:online_pizza_ordering_system:1.0:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
References	~~(MISC) https://github.com/Trinity-SYT-SECURITY/arbitrary-file-upload-RCE/blob/main/Online%20Pizza%20Ordering%20System%201.0.md -~~	(MISC) https://github.com/Trinity-SYT-SECURITY/arbitrary-file-upload-RCE/blob/main/Online%20Pizza%20Ordering%20System%201.0.md - Exploit, Third Party Advisory
References	~~(MISC) https://www.exploit-db.com/exploits/51431 -~~	(MISC) https://www.exploit-db.com/exploits/51431 - Third Party Advisory, VDB Entry

10 Jul 2023, 16:27

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-07-10 16:15

Updated : 2024-02-04 23:37

NVD link : CVE-2023-37151

Mitre link : CVE-2023-37151

CVE.ORG link : CVE-2023-37151

JSON object : View

Products Affected

No product.

CWE

No CWE.