CVE-2023-48031

EPSS 0.55% · P68 Updated Sep 30, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-48031

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute arbitrary code or establish a reverse shell, leading to unauthorized file writes or control over the victim's station via a crafted file upload operation.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

OpenSupports 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

OpenSupports是一款简单的开源的票务平台。 OpenSupports v4.11.0版本存在安全漏洞，该漏洞源于攻击者可以通过注释绕过安全限制并上传 .bat 文件，攻击者利用该漏洞能够执行任意代码或建立反向 shell。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2023-48031

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/nitipoom-jar/CVE-2023-48031	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-48031

请登录查看更多情报信息。

Same Patch Batch · n/a · 2023-11-17 · 30 CVEs total

CVE-2023-6188	4.7 MEDIUM	GetSimpleCMS theme-edit.php code injection
CVE-2023-48649	3.5 LOW	PortlandLabs Concrete CMS 跨站脚本漏洞
CVE-2023-45382		PrestaShop 路径遍历漏洞
CVE-2023-48659		MISP 安全漏洞
CVE-2023-48658		MISP 安全漏洞
CVE-2023-48657		MISP 安全漏洞
CVE-2023-48656		MISP 安全漏洞
CVE-2023-48655		MISP 安全漏洞
CVE-2023-48648		PortlandLabs Concrete CMS 安全漏洞
CVE-2023-48185		TerraMaster NAS安全漏洞
CVE-2023-48029		coreBOS 安全漏洞
CVE-2023-48028		kodbox 安全漏洞
CVE-2023-48025		Liblisp 安全漏洞
CVE-2023-48024		Liblisp 安全漏洞
CVE-2023-46402		git-urls 安全漏洞
CVE-2023-45387		PrestaShop 安全漏洞
CVE-2023-44796		LimeSurvey 安全漏洞
CVE-2023-43177		CrushFTP 安全漏洞
CVE-2023-41102		OpenNDS 安全漏洞
CVE-2023-41101		OpenNDS 安全漏洞

Showing top 20 of 30 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2023-48031

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-48031

I. Basic Information for CVE-2023-48031

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-48031

III. Intelligence Information for CVE-2023-48031

Same Patch Batch · n/a · 2023-11-17 · 30 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-48031

Leave a comment