Security Advisory

CVE-2023-48394

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-15 09:25:18

Last updated 2024-08-02 21:30:34

Assigner twcert

State PUBLISHED

Description

Kaifa Technology WebITR is an online attendance system, its file uploading function does not restrict upload of file with dangerous type. A remote attacker with regular user privilege can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service.

← Browse all CVEs View on cve.org ↗