CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-53921

SitemagicCMS 4.4.3 contains a remote code execution vulnerability that allows attackers to upload malicious PHP files to the files/images directory. Attackers can upload a .phar file with system command execution payload to compromise the web application and execute arbitrary system commands.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.4%

CVSS Severity

CVSS v3 Score 9.8

References

https://sitemagic.org/Download.html
https://www.exploit-db.com/exploits/51464
https://www.vulncheck.com/advisories/sitemagiccms-remote-code-execution-via-unrestricted-file-upload
https://www.exploit-db.com/exploits/51464

Products affected by CVE-2023-53921

Sitemagic » Sitemagic Cms » Version: 4.4.3

cpe:2.3:a:sitemagic:sitemagic_cms:4.4.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-53921

Products

Pricing

Contact Us