PT-2023-32910 · Unknown · Campcodes Chic Beauty Salon
Heishou
·
Published
2023-12-28
·
Updated
2024-05-17
·
CVE-2023-7150
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Campcodes Chic Beauty Salon version 20230703
Description
A critical vulnerability was found in the Product Handler component of the affected software, specifically in the file product-list.php. This vulnerability allows for unrestricted upload and can be exploited remotely. The exploit has been disclosed to the public.
Recommendations
For Campcodes Chic Beauty Salon version 20230703, consider disabling the
product-list.php file or restricting access to it until a patch is available to prevent unrestricted upload. Additionally, restrict access to the Product Handler component to minimize the risk of exploitation.Exploit
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Campcodes Chic Beauty Salon