CVE-2023-52314 | Paddle up to 2.5.x convert_shape_compare os command injection (dsa-2023-023)

Inserito da Angelo Barbosa | Gen 3, 2024 | CVE

A vulnerability was found in Paddle up to 2.5.x. It has been rated as critical. Affected by this issue is the function convert_shape_compare. The manipulation leads to os command injection.

This vulnerability is handled as CVE-2023-52314. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-52314 | Paddle up to 2.5.x convert_shape_compare os command injection (dsa-2023-023)

Post correlati

CVE-2024-8138 | code-projects Pharmacy Management System 1.0 index.php id sql injection

CVE-2023-6505 | Migrate WordPress Website & Backups Plugin up to 1.9.2 on WordPress file information disclosure

CVE-2024-21915 | Rockwell Automation FactoryTalk Service Platform prior 2.74 permission assignment

CVE-2024-36383 | Logpoint SAML Authentication up to 6.0.2 Filename state denial of service