CVE-2023-7147 | gopeak MasterLab up to 3.3.10 app/ctrl/User.php base64ImageContent image unrestricted upload

Posted by Angelo Barbosa | Dec 28, 2023 | CVE

A vulnerability, which was classified as critical, was found in gopeak MasterLab up to 3.3.10. Affected is the function base64ImageContent of the file app/ctrl/User.php. The manipulation of the argument image leads to unrestricted upload.

This vulnerability is traded as CVE-2023-7147. It is possible to launch the attack remotely. There is no exploit available.

CVE-2023-7147 | gopeak MasterLab up to 3.3.10 app/ctrl/User.php base64ImageContent image unrestricted upload

Related Posts

CVE-2021-46923 | Linux Kernel up to 5.15/5.15.12 mount_setattr finish_mount_kattr information disclosure (47b5d0a7532d/012e332286e2)

CVE-2023-6853 | kalcaddle KodExplorer up to 4.51.03 app.php index path server-side request forgery

CVE-2024-34762 | WPENGINE Advanced Custom Fields Pro Plugin up to 6.2.9 on WordPress path traversal

CVE-2024-34742 | Google Android 14 OwnersData.java shouldWrite denial of service