File Upload Vulnerability Allows Remote Attackers to Run Arbitrary Code
CVE-2023-26690

Currently unrated

Key Information:

Vendor: CS-Cart
Status: Cs-cart Multivendor
Vendor: CVE Published:; 25 September 2024

What is CVE-2023-26690?

A file upload vulnerability exists in the File Manager/Editor component of CS-Cart MultiVendor 4.16.1, enabling remote attackers to execute arbitrary code. This flaw arises from inadequate input validation when handling uploaded files, potentially allowing the launch of malicious scripts or commands without proper authentication. Exploring this issue is critical for users to safeguard their applications and mitigate the risks associated with unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.cs-cart.com/multivendor.html

https://github.com/cybrops-io/CVEs/tree/main/CVE-2023-266...

Timeline

Vulnerability published
Sep 25, 2024
Vulnerability Reserved
Feb 27, 2023

JSON

CS-Cart

What is CVE-2023-26690?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.