CVE-2023-5795— Pharmacy Point Of Sale System 代码问题漏洞

CodeAstro POS System Profile Picture profil unrestricted upload

A vulnerability was found in CodeAstro POS System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profil of the component Profile Picture Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-243601 was assigned to this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

危险类型文件的不加限制上传

Pharmacy Point Of Sale System 代码问题漏洞

Pharmacy Point Of Sale System是Carlo Montero个人开发者的一个基于 Web 的应用程序。用于帮助某个药房管理其销售交易。 Pharmacy Point Of Sale System 1.0版本存在安全漏洞，该漏洞源于组件 Profile Picture Handler 中的 profile存在未知函数，导致上传不受限制。

N/A

N/A