CVE-2023-53941

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-53941

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53941.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-53941

Published

2025-12-18T20:15:52.630Z

Modified

2026-03-11T22:29:39.103258Z

Severity

9.3 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator

Summary

[none]

Details

EasyPHP Webserver 14.1 contains an OS command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by injecting malicious payloads through the appservicecontrol parameter. Attackers can send POST requests to /index.php?zone=settings with crafted appservicecontrol values to execute commands with administrative privileges.

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53941.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "14.1"
            }
        ]
    }
]