Unrestricted File Upload Vulnerability in Rental Module Allows Command Injection and Web Shell Upload

Unrestricted File Upload Vulnerability in Rental Module Allows Command Injection and Web Shell Upload

CVE-2023-2712 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server.This issue affects Rental Module: before 23.05.15.

Learn more about our Web App Pen Testing.