Security Advisory

CVE-2023-53971

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-22 21:35:32

Last updated 2026-04-07 14:08:14

Assigner VulnCheck

State PUBLISHED

Description

WebTareas 2.4 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the chat photo upload functionality. Attackers can upload a PHP file with arbitrary code to the /files/Messages/ directory and execute it directly through the generated file path.

← Browse all CVEs View on cve.org ↗