CVE-2023-53888

HIGH

Zomplog 3.9 - Remote Code Execution

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-53888. PoCs published by Mirabbas Ağalarov.

AI-analyzed exploit summary This exploit demonstrates a Remote Code Execution (RCE) vulnerability in zomplog 3.9 by leveraging file upload and rename functionality to execute arbitrary PHP code. The exploit authenticates, injects malicious PHP code into a configuration file, renames it to a .php extension, and triggers execution.

Description

Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload files (such as JavaScript) and rename them to .php via the saveE and rename actions, then execute the resulting PHP payload to run system commands.

Exploits (1)

exploitdb WORKING POC
by Mirabbas Ağalarov · pythonwebappsphp
https://www.exploit-db.com/exploits/51624

This exploit demonstrates a Remote Code Execution (RCE) vulnerability in zomplog 3.9 by leveraging file upload and rename functionality to execute arbitrary PHP code. The exploit authenticates, injects malicious PHP code into a configuration file, renames it to a .php extension, and triggers execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: zomplog v3.9
Auth required
Prerequisites: Valid credentials for zomplog · Access to the target application
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 8.8
EPSS 0.0082
EPSS Percentile 52.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-94
Status published
Products (2)
zomp/zomplog 3.9
Zomplog/Zomplog 3.9
Published Dec 15, 2025
Tracked Since Feb 18, 2026