{"api_version":"1","generated_at":"2026-05-06T02:39:12+00:00","cve":"CVE-2023-1558","urls":{"html":"https://cve.report/CVE-2023-1558","api":"https://cve.report/api/cve/CVE-2023-1558.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-1558","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-1558"},"summary":{"title":"CVE-2023-1558","description":"A vulnerability classified as critical has been found in Simple and Beautiful Shopping Cart System 1.0. This affects an unknown part of the file uploadera.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223551.","state":"PUBLIC","assigner":"cna@vuldb.com","published_at":"2023-03-22 11:15:00","updated_at":"2023-11-07 04:04:00"},"problem_types":["CWE-434"],"metrics":[],"references":[{"url":"https://vuldb.com/?ctiid.223551","name":"https://vuldb.com/?ctiid.223551","refsource":"MISC","tags":[],"title":"Login required","mime":"text/html","httpstatus":"401","archivestatus":"404"},{"url":"https://github.com/nightcloudos/bug_report/blob/main/simple%20and%20beautiful%20shopping%20cart%20system/simple%20and%20beautiful%20shopping%20cart%20system%20uploadera.php%20has%20a%20file%20upload%20vulnerability.pdf","name":"https://github.com/nightcloudos/bug_report/blob/main/simple%20and%20beautiful%20shopping%20cart%20system/simple%20and%20beautiful%20shopping%20cart%20system%20uploadera.php%20has%20a%20file%20upload%20vulnerability.pdf","refsource":"MISC","tags":[],"title":"bug_report/simple and beautiful shopping cart system uploadera.php has a file upload vulnerability.pdf at main · nightcloudos/bug_report · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://vuldb.com/?id.223551","name":"https://vuldb.com/?id.223551","refsource":"MISC","tags":[],"title":"Login required","mime":"text/html","httpstatus":"401","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-1558","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1558","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"1558","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"simple_and_beautiful_shopping_cart_system_project","cpe5":"simple_and_beautiful_shopping_cart_system","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-1558","ASSIGNER":"cna@vuldb.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A vulnerability classified as critical has been found in Simple and Beautiful Shopping Cart System 1.0. This affects an unknown part of the file uploadera.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223551."},{"lang":"deu","value":"Es wurde eine Schwachstelle in Simple and Beautiful Shopping Cart System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei uploadera.php. Durch das Beeinflussen mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-434 Unrestricted Upload","cweId":"CWE-434"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"Simple and Beautiful Shopping Cart System","version":{"version_data":[{"version_affected":"=","version_value":"1.0"}]}}]}}]}},"references":{"reference_data":[{"url":"https://vuldb.com/?id.223551","refsource":"MISC","name":"https://vuldb.com/?id.223551"},{"url":"https://vuldb.com/?ctiid.223551","refsource":"MISC","name":"https://vuldb.com/?ctiid.223551"},{"url":"https://github.com/nightcloudos/bug_report/blob/main/simple%20and%20beautiful%20shopping%20cart%20system/simple%20and%20beautiful%20shopping%20cart%20system%20uploadera.php%20has%20a%20file%20upload%20vulnerability.pdf","refsource":"MISC","name":"https://github.com/nightcloudos/bug_report/blob/main/simple%20and%20beautiful%20shopping%20cart%20system/simple%20and%20beautiful%20shopping%20cart%20system%20uploadera.php%20has%20a%20file%20upload%20vulnerability.pdf"}]},"credits":[{"lang":"en","value":"niclo (VulDB User)"}],"impact":{"cvss":[{"version":"3.1","baseScore":6.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"},{"version":"3.0","baseScore":6.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"},{"version":"2.0","baseScore":6.5,"vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P"}]}},"nvd":{"publishedDate":"2023-03-22 11:15:00","lastModifiedDate":"2023-11-07 04:04:00","problem_types":["CWE-434"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:simple_and_beautiful_shopping_cart_system_project:simple_and_beautiful_shopping_cart_system:1.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}