CVE-2023-33440: Code Injection
First published: Fri May 26 2023(Updated: )
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user.
Credit: URGAN cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Faculty Evaluation System Project Faculty Evaluation System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-33440?
CVE-2023-33440 is a vulnerability in Sourcecodester Faculty Evaluation System v1.0 that allows arbitrary code execution via /eval/ajax.php?action=save_user.
How severe is CVE-2023-33440?
CVE-2023-33440 has a severity value of 7.2 (High).
Is Sourcecodester Faculty Evaluation System v1.0 affected by CVE-2023-33440?
Yes, Sourcecodester Faculty Evaluation System v1.0 is affected by CVE-2023-33440.
How can I mitigate the arbitrary code execution vulnerability in Faculty Evaluation System Project Faculty Evaluation System 1.0?
To mitigate the arbitrary code execution vulnerability, ensure to apply the latest security patches provided by the vendor.
- exploited/true
- collector/exploitdb-recent
- alias/CVE-2023-33440
- collector/nvd-latest
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/faculty evaluation system project
- canonical/faculty evaluation system project faculty evaluation system
- version/faculty evaluation system project faculty evaluation system/1.0