CVE-2023-52314 | Paddle up to 2.5.x convert_shape_compare os command injection (dsa-2023-023)

Inserito da Angelo Barbosa | Gen 3, 2024 | CVE

A vulnerability was found in Paddle up to 2.5.x. It has been rated as critical. Affected by this issue is the function convert_shape_compare. The manipulation leads to os command injection.

This vulnerability is handled as CVE-2023-52314. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-52314 | Paddle up to 2.5.x convert_shape_compare os command injection (dsa-2023-023)

Post correlati

CVE-2024-20749 | Adobe Acrobat 2020 out-of-bounds (apsb24-07)

CVE-2024-25373 | Tenda AC10 V4 16.03.10.20 sub_49B384 page stack-based overflow

CVE-2024-51252 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi restore command injection

CVE-2024-10744 | PHPGurukul Online Shopping Portal 2.0 complex_header_2.php scripts cross site scripting