CVE-2023-3375
7.2 HIGHUnrestricted Upload of File with Dangerous Type vulnerability in Unisign Bookreen allows OS Command Injection.This issue affects Bookreen...
Published: 2023-09-05 · Last updated: 2024-11-21
Severity and scoring
- CVSS
- 7.2 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-434
Affected products
| Vendor | Product |
|---|---|
| bookreen | bookreen |
Description
Unrestricted Upload of File with Dangerous Type vulnerability in Unisign Bookreen allows OS Command Injection.This issue affects Bookreen: before 3.0.0.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2023-3374 — Incomplete List of Disallowed Inputs vulnerability in Unisign Bookreen allows Privilege Escalation.This issue affects Bookreen: before 3.0.0 (9.8 CRITICAL)
Same CWE
- CVE-2026-53724 — Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js
- CVE-2026-6211 — Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc (8.7 HIGH)
- CVE-2026-53787 — Amasty Order Attributes for Magento 2 before version 4.0.0 contains an unauthenticated arbitrary file upload vulnerability that allows un... (9.8 CRITICAL)
- CVE-2026-46489 — SolidInvoice is an open-source invoicing platform (8.1 HIGH)
- CVE-2026-11839 — Unrestricted upload of file with dangerous type vulnerability in Başarsoft Information Technologies Inc (9.9 CRITICAL)