Lucene search
MitreCVE-2023-37602HistoryJul 20, 2023 - 7:15 p.m.
CVE-2023-37602
2023-07-2019:15:10
CWE-79
mitre
web.nvd.nist.gov
42
cve-2023-37602
arbitrary file upload
alkacon opencms v15.0
workplace explorer
nvd
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6.6
Confidence
High
EPSS
0.002
Percentile
55.5%
An arbitrary file upload vulnerability in the component /workplace#!explorer of Alkacon OpenCMS v15.0 allows attackers to execute arbitrary code via uploading a crafted PNG file.
Affected configurations
Node
alkaconopencmsMatch15.0.0
References
Related
nvd
nvd
CVE-2023-37602
2023-07-20 19:15:10
osv
osv
CVE-2023-37602
2023-07-20 19:15:10
Alkacon OpenCMS arbitrary file upload vulnerability
2023-07-20 21:30:58
veracode
veracode
Cross Site Scripting (XSS)
2023-07-25 05:21:39
prion
prion
Privilege escalation
2023-07-20 19:15:00
cvelist
cvelist
CVE-2023-37602
2023-07-20 00:00:00
github
github
Alkacon OpenCMS arbitrary file upload vulnerability
2023-07-20 21:30:58
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6.6
Confidence
High
EPSS
0.002
Percentile
55.5%
Related for CVE-2023-37602