Filtered by vendor Wddgroup Subscriptions
Filtered by product Fantasy Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-28699 1 Wddgroup 1 Fantasy 2025-01-08 8.8 High
Wade Graphic Design FANTSY has a vulnerability of insufficient filtering for file type in its file update function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload a PHP file containing a webshell to perform arbitrary system operation or disrupt service.