CVE-2023-36348: POS Codekop v2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the filename parameter.
0.0
CVSS
Description
POS Codekop v2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the filename parameter.
Classification
CVE ID: CVE-2023-36348
CVSS Base Severity: LOW
CVSS Base Score: 0.0
Affected Products
Vendor: n/a
Product: n/a
Exploit Prediction Scoring System (EPSS)
EPSS Score: 1.64% (probability of being exploited)
EPSS Percentile: 87.37% (scored less or equal to compared to others)
EPSS Date: 2025-02-03 (when was this score calculated)
References
https://www.youtube.com/watch?v=Ge0zqY0sGiQhttps://yuyudhn.github.io/pos-codekop-vulnerability/
http://packetstormsecurity.com/files/173278/POS-Codekop-2.0-Shell-Upload.html