Description
A vulnerability, which was classified as problematic, was found in Bettershop LaikeTui. This affects an unknown part of the file index.php?module=system&action=uploadImg. The manipulation of the argument imgFile leads to unrestricted upload. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-239799.
References (2)
Core 2
Core References
Third Party Advisory vdb-entry
technical-description
https://vuldb.com/?id.239799
Permissions Required, Third Party Advisory signature
https://vuldb.com/?ctiid.239799
Scores
CVSS v3
6.3
EPSS
0.0015
EPSS Percentile
35.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-434
Status
published
Products (1)
laiketui/laiketui
Published
Sep 15, 2023
Tracked Since
Feb 18, 2026