CVE-2023-53924

HIGH

UliCMS 2023.1-sniffing-vicuna - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-53924. PoCs published by Mirabbas Ağalarov.

AI-analyzed exploit summary: This exploit demonstrates an RCE vulnerability in UliCMS 2023.1-sniffing-vicuna by uploading a malicious PHAR file disguised as an avatar, bypassing image processing checks. The payload executes arbitrary commands when accessed via the uploaded file path.

Description

UliCMS 2023.1-sniffing-vicuna contains a remote code execution vulnerability that allows authenticated attackers to upload PHP files with .phar extension during profile avatar upload. Attackers can trigger code execution by visiting the uploaded file's location, enabling system command execution through maliciously crafted avatar uploads.

Exploits (1)

exploitdb WORKING POC
by Mirabbas Ağalarov · text · webapps · php
https://www.exploit-db.com/exploits/51434

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: UliCMS 2023.1-sniffing-vicuna
Auth required
Prerequisites: Valid user account · Access to profile edit functionality
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3: 8.8
EPSS: 0.0079
EPSS Percentile: 51.4%
Attack Vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Source: Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-434
Status: published
Products (2):
ulicms/ulicms 2023.1
Ulicms/Ulicms 2023.1
Published: Dec 17, 2025
Tracked Since: Feb 18, 2026