cvedb.io
CVE-2023-38836
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2023-08-21T17:15:47.633 · Last modified 2026-07-09T01:18:32.120

Summary

File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks.

Affected products

boidcms — boidcms

Does this affect you?

Add your gear to cvedb and we'll alert you only when boidcms ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.