Vulnerability Details CVE-2024-31823
An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the removeSecondaryImage method of the Publish.php component.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.062
EPSS Ranking 90.4%
CVSS Severity
CVSS v3 Score 8.8
References
- https://gist.github.com/LioTree/4989e0f20b6a885604dd3178fa4b66b5
- https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/d22b54e8915f167a135046ceb857caaf8479c4da
- https://liotree.github.io/2023/Ecommerce-CodeIgniter-Bootstrap.html
- https://gist.github.com/LioTree/4989e0f20b6a885604dd3178fa4b66b5
- https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/d22b54e8915f167a135046ceb857caaf8479c4da
- https://liotree.github.io/2023/Ecommerce-CodeIgniter-Bootstrap.html
Products affected by CVE-2024-31823
-
cpe:2.3:a:ecommerce-codeigniter-bootstrap_project:ecommerce-codeigniter-bootstrap:2024-01-02