Vulnerability Database

296,172

Total vulnerabilities in the database

CVE-2023-46468

An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function.

Published: Oct 28, 2023
Updated: May 9, 2024
CVE: CVE-2023-46468
GHSA: GHSA-h92m-4g9m-72vr
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-74

Affected Software
References

Software	From	Fixed in
juzaweb / juzaweb_cms	-	3.4.x
juzaweb / cms	-	3.4.x