Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2023-44974

Published: 03/10/2023 Updated: 05/10/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows malicious users to execute arbitrary code via uploading a crafted PHP file.

Vulnerable Product Search on Vulmon Subscribe to Product

emlog emlog 2.2.0

Github Repositories

https://github.com/Myanemo/Myanemo

Myan Profile

Hi 我是Myan 👋 🔭 日常会在各大src中提交一些漏洞,研究漏洞挖掘 🌱 目前是在校生,热爱web漏洞技术研究 👯 当然还是一个ctfer T-bone ' s Link ⭐️ web漏洞研究: <CVE-2023-44974 emlog CMS任意文件上传漏洞分析> forumbutiannet/share/2871

References

CWE-434https://github.com/yangliukk/emlog/blob/main/Plugin-getshell.mdhttps://nvd.nist.govhttps://github.com/Myanemo/Myanemo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673CVE-2024-36674CVE-2024-27348unspecifiedCVE-2024-24919CVE-2024-4870malicious code‎CVE-2024-2019hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook