CVE-2023-44061

HIGH

Simple and Nice Shopping Cart Script <1.0 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-44061. PoCs published by SoundarXploit.

AI-analyzed exploit summary This repository provides a detailed technical writeup on exploiting CVE-2023-44061, a file upload restriction bypass vulnerability in Simple and Nice Shopping Cart Script V1.0. It includes step-by-step reproduction steps, HTTP request examples, and screenshots demonstrating the exploitation process.

Description

File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to execute arbitrary code via the upload function in the edit profile component.

Exploits (1)

nomisec WRITEUP
by SoundarXploit · poc
https://github.com/SoundarXploit/CVE-2023-44061

This repository provides a detailed technical writeup on exploiting CVE-2023-44061, a file upload restriction bypass vulnerability in Simple and Nice Shopping Cart Script V1.0. It includes step-by-step reproduction steps, HTTP request examples, and screenshots demonstrating the exploitation process.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Simple and Nice Shopping Cart Script V1.0
Auth required
Prerequisites: Access to the application · Ability to intercept and modify HTTP requests · Valid session cookie
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 8.8
EPSS 0.0124
EPSS Percentile 65.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-434
Status published
Products (1)
simple_and_nice_shopping_cart_script_project/simple_and_nice_shopping_cart_script 1.0
Published Oct 06, 2023
Tracked Since Feb 18, 2026