Home

Description

UliCMS 2023.1-sniffing-vicuna contains a remote code execution vulnerability that allows authenticated attackers to upload PHP files with .phar extension during profile avatar upload. Attackers can trigger code execution by visiting the uploaded file's location, enabling system command execution through maliciously crafted avatar uploads.

PUBLISHED Reserved 2025-12-16 | Published 2025-12-17 | Updated 2025-12-18 | Assigner VulnCheck




HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

Unrestricted Upload of File with Dangerous Type

Product status

2023.1
affected

Credits

Mirabbas Ağalarov finder

References

www.exploit-db.com/exploits/51434 exploit

www.exploit-db.com/exploits/51434 (ExploitDB-51434) exploit

web.archive.org/web/20230314183734/https://en.ulicms.de/ (Archived Product Webpage) product

www.vulncheck.com/...remote-code-execution-via-avatar-upload (VulnCheck Advisory: UliCMS 2023.1-sniffing-vicuna Remote Code Execution via Avatar Upload) third-party-advisory

cve.org (CVE-2023-53924)

nvd.nist.gov (CVE-2023-53924)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.