PT-2023-23236 · Amadercode · Dropshipping & Affiliation With Amazon

Spacecroupier

Publicado

2023-12-20

Atualizado

2023-12-28

CVE-2023-31215

CVSS v3.1

9.9

Crítica

Vetor

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dropshipping & Affiliation with Amazon versions n/a through 2.1.2

Description The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability in AmaderCode Lab Dropshipping & Affiliation with Amazon. This allows for the upload of files with potentially dangerous types, which could lead to security issues.

Recommendations For versions n/a through 2.1.2, consider restricting file uploads to only allow safe file types until a patch is available. As a temporary workaround, consider disabling file upload functionality in Dropshipping & Affiliation with Amazon until a fix is released.

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2023-31215

Produtos afetados

Dropshipping & Affiliation With Amazon

PT-2023-23236 · Amadercode · Dropshipping & Affiliation With Amazon

CVE-2023-31215

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6