Security Advisory

CVE-2023-53888

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-15 20:28:22

Last updated 2026-05-25 23:41:22

Assigner VulnCheck

State PUBLISHED

Description

Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload files (such as JavaScript) and rename them to .php via the saveE and rename actions, then execute the resulting PHP payload to run system commands.

← Browse all CVEs View on cve.org ↗