CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Wddgroup: >> Fantasy Security Vulnerabilities

CVE-2023-28699

Wade Graphic Design FANTSY has a vulnerability of insufficient filtering for file type in its file update function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload a PHP file containing a webshell to perform arbitrary system operation or disrupt service.

CVSS Score

8.8

EPSS Score

0.003

Published

2023-06-02

Page 1

Vulnerabilities

Vulnerable Software

Wddgroup: >> Fantasy Security Vulnerabilities

Products

Pricing

Contact Us