Security Advisory

CVE-2023-28699

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-06-02 00:00:00

Last updated 2025-01-08 18:01:15

Assigner twcert

State PUBLISHED

Description

Wade Graphic Design FANTSY has a vulnerability of insufficient filtering for file type in its file update function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload a PHP file containing a webshell to perform arbitrary system operation or disrupt service.

← Browse all CVEs View on cve.org ↗