CVE-2023-1415 MEDIUM

CVE-2023-1415: Simple Art Gallery adminHome.php sliderPicSubmit unrestricted upload

Vendor N/A

Product Simple Art Gallery

Weakness CWE-434 · Unrestricted file upload

Published March 15, 2023

Last update November 22, 2024

View on NVD All CVEs

CVSS base score

6.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability was found in Simple Art Gallery 1.0. It has been declared as critical. This vulnerability affects the function sliderPicSubmit of the file adminHome.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-223126 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

March 15, 2023 CVE published

November 22, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-1415 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/434.html

Related vulnerabilities

04Related CVE

CVE-2025-3914 Aeropage Sync for Airtable <= 3.2.0 - Authenticated (Subscriber+) Arbitrary File Upload CVE-2026-29186 @backstage/plugin-techdocs-node: TechDocs Mkdocs Configuration Key Enables Arbitrary Code Execution CVE-2023-3187 PHPGurukul Teachers Record Management System Profile Picture changeimage.php unrestricted upload CVE-2023-53889 Perch CMS 3.2 Remote Code Execution via Unrestricted File Upload CVE-2023-25921 IBM Security Guardium Key Lifecycle Manager file upload