Vulnerability Details CVE-2023-6902
A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. This vulnerability affects unknown code of the file /file-manager/upload.php. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248260.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.0%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 5.2
References
Products affected by CVE-2023-6902
-
cpe:2.3:a:codelyfe:stupid_simple_cms:1.1.7
-
cpe:2.3:a:codelyfe:stupid_simple_cms:1.2.1
-
cpe:2.3:a:codelyfe:stupid_simple_cms:1.2.2
-
cpe:2.3:a:codelyfe:stupid_simple_cms:1.2.3
-
cpe:2.3:a:codelyfe:stupid_simple_cms:1.2.4