Medium severity6.3NVD Advisory· Published Apr 7, 2023· Updated Jun 17, 2026
CVE-2023-1942
CVE-2023-1942
Description
A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/?page=user of the component Avatar Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225319.
Affected products
21.0+ 1 more
- (no CPE)range: 1.0
- (no CPE)range: 1.0
Patches
Vulnerability mechanics
References
3- github.com/boyi0508/Online-Computer-and-Laptop-Store/blob/main/Upload%20any%20file%20at%20the%20administrator%20profile%20upload%20location.pdfnvdExploitTechnical DescriptionThird Party Advisory
- vuldb.comnvdPermissions RequiredThird Party Advisory
- vuldb.comnvdPermissions RequiredThird Party Advisory
News mentions
0No linked articles in our index yet.