CVE-2023-44973: Malicious File Upload
First published: Tue Oct 03 2023(Updated: )
An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Emlog Emlog | =2.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2023-44973.
What is the severity level of CVE-2023-44973?
CVE-2023-44973 has a severity level of critical (9.8).
What software versions are affected by CVE-2023-44973?
Emlog Pro v2.2.0 is affected by CVE-2023-44973.
How can attackers exploit CVE-2023-44973?
Attackers can exploit CVE-2023-44973 by uploading a crafted PHP file through /content/templates/ component, which allows them to execute arbitrary code.
Is there a fix available for CVE-2023-44973?
There is no information available about a fix for CVE-2023-44973. It is recommended to contact the software vendor for further guidance.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-api
- collector/nvd-index
- vendor/emlog
- canonical/emlog emlog
- version/emlog emlog/2.2.0