CVE-2023-45554

2023-10-2400:00:00

mitre

www.cve.org

file upload

zzzcms v.2.1.9

remote code execution

cve-2023-45554

9.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.8%

JSON

File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp.

References

github.com/96xiaopang/Vulnerabilities/blob/main/zzzcms%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0_en.md