What the vulnerability does
01Description
Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server.This issue affects Appointify: from n/a through <= 1.0.8.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
What the vulnerability does
Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server.This issue affects Appointify: from n/a through <= 1.0.8.
Explanation of Vulnerability in Simple Terms
Appointify versions up to 1.0.8 allow authenticated administrators to upload files without proper validation. An attacker with admin privileges can upload malicious files that may affect the confidentiality, integrity, or availability of the site and potentially other systems. The vulnerability requires high-level access and does not require user interaction.
What an attacker can do
Upload files without validation to compromise site integrity and confidentiality.
Potential impact on your site
An admin account compromise could allow file uploads that affect your site and connected systems.
Conditions required to exploit
Attacker must have administrator-level access to Appointify.
Key dates
External resources