How severe is CVE-2023-38947?

CVE-2023-38947 has a CVSS v3 score of 7.2 (HIGH).

CVE-2023-38947

Name: wbce_cms
Author: wbce

7.2HIGH

An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file.

Published: 8/3/2023Updated: 11/21/2024

Description

An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file.

AI AnalysisPowered by AI

Affected Products

wbcewbce_cms

1.6.1

References

https://gitee.com/CTF-hacker/pwn/issues/I7LH2N
ExploitIssue TrackingThird Party Advisory
https://github.com/capture0x/WBCE_CMS
https://packetstormsecurity.com/files/176018/WBCE-CMS-1.6.1-Shell-Upload.html
https://gitee.com/CTF-hacker/pwn/issues/I7LH2N
ExploitIssue TrackingThird Party Advisory
https://github.com/capture0x/WBCE_CMS
https://packetstormsecurity.com/files/176018/WBCE-CMS-1.6.1-Shell-Upload.html