CVE-2023-1442
Published on: Not Yet Published
Last Modified on: 03/17/2023 12:59:00 PM UTC
Certain versions of QYKCMS from Meizhou Qingyunke contain the following vulnerability:
A vulnerability was found in Meizhou Qingyunke QYKCMS 4.3.0. It has been classified as problematic. This affects an unknown part of the file /admin_system/api.php of the component Update Handler. The manipulation of the argument downurl leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223287.
- CVE-2023-1442 has been assigned by
[email protected] to track the vulnerability
- Affected Vendor/Software:
Meizhou Qingyunke - QYKCMS version = 4.3.0
CVE References
Description | Tags ⓘ | Link |
---|---|---|
-/README.md at main · VG00000/- · GitHub | github.com text/html |
![]() |
vuldb.com text/plain Inactive LinkNot Archived |
![]() | |
vuldb.com text/plain Inactive LinkNot Archived |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Software
Vendor | Product | Version |
---|---|---|
Meizhou Qingyunke | QYKCMS | = 4.3.0 |
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
CVE-2023-1442 | Meizhou Qingyunke QYKCMS 4.3.0 Update /admin_system/api.php downurl unrestricted upload A vulnerabi… twitter.com/i/web/status/1… | 2023-03-17 07:50:53 |
![]() |
CVE-2023-1442 | 2023-03-17 08:38:34 |