Skip to main content

Company Website Cms CVE-2023-5919

HIGH
Unrestricted Upload of File with Dangerous Type (CWE-434)
2023-11-02 cna@vuldb.com
7.2
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.2 HIGH
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 02, 2023 - 14:15 nvd
HIGH 7.2

DescriptionNVD

A vulnerability was found in SourceCodester Company Website CMS 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /dashboard/createblog of the component Create Blog Page. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-244310 is the identifier assigned to this vulnerability.

AnalysisAI

A vulnerability was found in SourceCodester Company Website CMS 1.0 and classified as problematic. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Unrestricted File Upload (CWE-434), which allows attackers to upload malicious files that can be executed on the server. A vulnerability was found in SourceCodester Company Website CMS 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /dashboard/createblog of the component Create Blog Page. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-244310 is the identifier assigned to this vulnerability. Affected products include: Company Website Cms Project Company Website Cms.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate file types server-side, store uploads outside webroot, use random filenames, scan for malware.

CVE-2025-29709 CRITICAL POC
9.8 Apr 16

SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfo

CVE-2025-29708 CRITICAL POC
9.8 Apr 16

SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Se

CVE-2022-2765 CRITICAL POC
9.8 Aug 11

A vulnerability was found in SourceCodester Company Website CMS 1.0. Rated critical severity (CVSS 9.8), this vulnerabil

CVE-2022-2694 HIGH POC
8.8 Aug 06

A vulnerability was found in SourceCodester Company Website CMS and classified as critical. Rated high severity (CVSS 8.

CVE-2022-2702 MEDIUM POC
6.5 Aug 08

A vulnerability was found in SourceCodester Company Website CMS and classified as critical. Rated medium severity (CVSS

CVE-2025-29710 MEDIUM POC
6.1 Apr 16

SourceCodester Company Website CMS 1.0 is vulnerable to Cross Site Scripting (XSS) via /dashboard/Services. Rated medium

CVE-2022-2751 CRITICAL
9.8 Aug 11

A vulnerability was found in SourceCodester Company Website CMS and classified as critical. Rated critical severity (CVS

CVE-2022-2750 CRITICAL
9.8 Aug 11

A vulnerability, which was classified as critical, was found in SourceCodester Company Website CMS. Rated critical sever

CVE-2022-2740 CRITICAL
9.8 Aug 11

A vulnerability was found in SourceCodester Company Website CMS. Rated critical severity (CVSS 9.8), this vulnerability

CVE-2022-2736 CRITICAL
9.8 Aug 11

A vulnerability was found in SourceCodester Company Website CMS. Rated critical severity (CVSS 9.8), this vulnerability

CVE-2022-2725 MEDIUM
6.1 Aug 09

A vulnerability was found in SourceCodester Company Website CMS. Rated medium severity (CVSS 6.1), this vulnerability is

CVE-2022-2769 MEDIUM
5.4 Aug 11

A vulnerability, which was classified as problematic, has been found in SourceCodester Company Website CMS. Rated medium

Share

CVE-2023-5919 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy