VYPR
Medium severity6.3NVD Advisory· Published Dec 29, 2023· Updated Jun 17, 2026

CVE-2023-7147

CVE-2023-7147

Description

A vulnerability, which was classified as critical, was found in gopeak MasterLab up to 3.3.10. Affected is the function base64ImageContent of the file app/ctrl/User.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. VDB-249150 is the identifier assigned to this vulnerability.

Affected products

2
  • gopeak/MasterLabllm-fuzzy2 versions
    <=3.3.10+ 1 more
    • (no CPE)range: <=3.3.10
    • (no CPE)range: 3.3.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.