CVE-2023-45952: Malicious File Upload
First published: Tue Oct 17 2023(Updated: )
An arbitrary file upload vulnerability in the component ajax_link.php of lylme_spage v1.7.0 allows attackers to execute arbitrary code via uploading a crafted file.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| LyLme Spage | =1.7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this arbitrary file upload vulnerability?
The vulnerability ID for this arbitrary file upload vulnerability is CVE-2023-45952.
What is the affected software of this vulnerability?
The affected software of this vulnerability is Lylme Spage v1.7.0.
How can attackers exploit this vulnerability?
Attackers can exploit this vulnerability by uploading a crafted file.
What is the severity rating of this vulnerability?
The severity rating of this vulnerability is critical.
Is there a fix available for this vulnerability?
There is no information available about a specific fix for this vulnerability at the moment. It is recommended to check with the vendor for any security patches or updates.
- collector/nvd-index
- agent/author
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/lylme
- canonical/lylme spage
- version/lylme spage/1.7.0