code-projects Simple Photo Gallery unrestricted upload
CVE-2023-2776

6.3MEDIUM

Key Information:

Vendor: Code-projects
Status: Simple Photo Gallery
Vendor: CVE Published:; 17 May 2023

🔔 Create Code-projects Vulnerability Alert

What is CVE-2023-2776?

A serious file upload vulnerability exists in Simple Photo Gallery version 1.0 by Code-Projects. This flaw allows attackers to perform unrestricted file uploads, which can lead to the execution of malicious files on the server. The vulnerability can be exploited remotely without the need for authentication, posing significant risks to web applications using this product. For more information about this vulnerability, refer to VDB-229282.

Affected Version(s)

Simple Photo Gallery 1.0

References

https://vuldb.com/?id.229282

vdb-entry

https://vuldb.com/?ctiid.229282

signaturepermissions-required

https://gitee.com/zyz0103/system-vul/blob/master/Simple%2...

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 17, 2023
Vulnerability Reserved
May 17, 2023

Credit

zyz1 (VulDB User)