Arbitrary file upload in Simple_and_nice_shopping_cart_script_project Simple_and_nice_shopping_cart_script
CVE-2023-1497
A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. It has been rated as critical. This issue affects some unknown processing of the file uploaderm.php. The manipulation of the argument submit leads to unr…
Vulnerability class: Unrestricted File Upload
EPSS: 0.007 (49.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.
Affected products
Weakness classification (CWE)
References
- cna@vuldb.com (technical-description, Third Party Advisory, vdb-entry)
- cna@vuldb.com (signature, Permissions Required, permissions-required, Third Party Advisory)
- cna@vuldb.com (exploit, Broken Link)
Frequently asked questions
- What is CVE-2023-1497?
- CVE-2023-1497 is a medium-severity vulnerability in Simple_and_nice_shopping_cart_script_project Simple_and_nice_shopping_cart_script, classified under Unrestricted Upload of File with Dangerous Type. CVSS score: 6.3/10. Published 2023-03-19.
- How severe is CVE-2023-1497?
- Medium severity. CVSS v3 base score is 6.3 out of 10.