Unrestricted Upload Vulnerability in CodeAstro POS System 1.0

Unrestricted Upload Vulnerability in CodeAstro POS System 1.0

CVE-2023-5795 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A vulnerability was found in CodeAstro POS System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profil of the component Profile Picture Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-243601 was assigned to this vulnerability.

Learn more about our Web Application Penetration Testing UK.