CVE-2023-1721
7.2
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.2 / Impact: 5.9
Source: NVD
Description
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators.
Affected (1)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.0 |
References (4)
Source: help@fluidattacks.com
Product
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Product
Timeline
No history available yet.