CRITICAL
rental_module_project
CVE published 2023-05-20
CVE-2023-2712
CVE-2023-2712 is a critical unrestricted file upload vulnerability in the third-party Rental Module used with Ideasoft’s e-commerce platform. According to the supplied sources, versions before 23.05.15 are affected, and the issue can enable command injection, malicious file upload, and web shell placement on a web server. Because the reported attack path is network-reachable and requires no privileges or [truncated]