Security Advisory

CVE-2023-53981

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-22 21:35:36
Last updated 2026-04-07 14:08:19
Assigner VulnCheck
State PUBLISHED

Description

PhotoShow 3.0 contains a remote code execution vulnerability that allows authenticated administrators to inject malicious commands through the exiftran path configuration. Attackers can exploit the ffmpeg configuration settings by base64 encoding a reverse shell command and executing it through a crafted video upload process.