CVE-2023-50038

EUVD-2023-54868
There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8, which leads to the loss of server permissions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Affected Products (NVD)
VendorProductVersion
textpatterntextpattern
4.8.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/LeopoldSkell/7e18bf09005c327a045abbfe39b1e676
https://www.cnblogs.com/fengzun/articles/17862578.html
https://gist.github.com/LeopoldSkell/7e18bf09005c327a045abbfe39b1e676
https://www.cnblogs.com/fengzun/articles/17862578.html