Vulnerability Database

300,214

Total vulnerabilities in the database

CVE-2023-50917

MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is unrelated to the Majordomo mailing-list manager.

Published: Dec 15, 2023
Updated: Dec 20, 2023
CVE: CVE-2023-50917
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-77

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
mjdm / majordomo	-	2023-11-15

http://packetstormsecurity.com/files/176273/MajorDoMo-Remote-Code-Execution.html
http://packetstormsecurity.com/files/176669/MajorDoMo-Command-Injection.html
http://seclists.org/fulldisclosure/2023/Dec/19
https://github.com/sergejey/majordomo/commit/0662e5ebfb133445ff6154b69c61019357092178
https://github.com/sergejey/majordomo/commit/3ec3ffb863ea3c2661ab27d398776c551f4daaac

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo