Vulnerability Description
A vulnerability classified as critical was found in Campcodes Chic Beauty Salon 20230703. Affected by this vulnerability is an unknown functionality of the file product-list.php of the component Product Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249157 was assigned to this vulnerability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Campcodes | Chic Beauty Salon | 20230703 |
Related Weaknesses (CWE)
References
- https://github.com/laoquanshi/-Arbitrary-file-upload-vulnerability-Third Party Advisory
- https://github.com/laoquanshi/Chic-Vulnerability-Product
- https://vuldb.com/?ctiid.249157Permissions RequiredVDB Entry
- https://vuldb.com/?id.249157Permissions RequiredThird Party AdvisoryVDB Entry
- https://github.com/laoquanshi/-Arbitrary-file-upload-vulnerability-Third Party Advisory
- https://github.com/laoquanshi/Chic-Vulnerability-Product
- https://vuldb.com/?ctiid.249157Permissions RequiredVDB Entry
- https://vuldb.com/?id.249157Permissions RequiredThird Party AdvisoryVDB Entry
FAQ
What is CVE-2023-7150?
CVE-2023-7150 is a vulnerability with a CVSS score of 4.7 (MEDIUM). A vulnerability classified as critical was found in Campcodes Chic Beauty Salon 20230703. Affected by this vulnerability is an unknown functionality of the file product-list.php of the component Produ...
How severe is CVE-2023-7150?
CVE-2023-7150 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-7150?
Check the references section above for vendor advisories and patch information. Affected products include: Campcodes Chic Beauty Salon.