Arbitrary File Upload Vulnerability in Best Courier Management System by Sourcecodester
CVE-2023-46004

7.2HIGH

Key Information:

Vendor: Mayurik
Status: Best Courier Management System
Vendor: CVE Published:; 18 October 2023

What is CVE-2023-46004?

The Best Courier Management System 1.0 by Sourcecodester is susceptible to an Arbitrary File Upload vulnerability within its update_user function. This flaw allows unauthorized users to upload arbitrary files to the server, potentially leading to malicious code execution and compromise of the system. Secure coding practices must be adopted to mitigate such risks.

References

https://github.com/zerrr0/Zerrr0_Vulnerability/blob/main/...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 18, 2023
Vulnerability Reserved
Oct 16, 2023

Mayurik

What is CVE-2023-46004?

References

CVSS V3.1

Timeline