Filtered by vendor Wddgroup Subscriptions
Filtered by product Fantasy Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-28699 1 Wddgroup 1 Fantasy 2024-11-21 8.8 High
Wade Graphic Design FANTSY has a vulnerability of insufficient filtering for file type in its file update function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload a PHP file containing a webshell to perform arbitrary system operation or disrupt service.