Remote Code Execution Vulnerability in juzawebCMS by juzaweb
CVE-2023-46468

7.8HIGH

Key Information:

Vendor: Juzaweb
Status: Juzaweb Cms
Vendor: CVE Published:; 28 October 2023

What is CVE-2023-46468?

A vulnerability in juzawebCMS versions prior to 3.4 allows remote attackers to execute arbitrary code. This security flaw arises from improper handling of crafted files, enabling unauthorized code execution through the custom plugin function. As a result, attackers could exploit this issue to manipulate the system or gain control over the application, emphasizing the necessity for timely updates and patching.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.sumor.top/index.php/archives/875/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 28, 2023
Vulnerability Reserved
Oct 23, 2023

JSON

Juzaweb

What is CVE-2023-46468?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.