Critical severity9.8NVD Advisory· Published May 20, 2023· Updated May 22, 2026

CVE-2023-2712

Description

Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server.

This issue affects Rental Module: before 23.05.15.

Affected products

Ideasoft/Rental Moduledescription
Ideasoft/Rental Modulellm-fuzzy
Range: <23.05.15

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.usom.gov.tr/bildirim/tr-23-0276nvdThird Party Advisory
siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0276nvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000