QwikSec

Security Database

CVE

CWE

Training

CVE-2023-53869

Published: Dec 15, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server.

Vendor	Product	Versions
WebIGniter	WebIGniter	affected `28.7.23`

Weaknesses (CWE)

References

ExploitDB-51736

exploit

Webigniter Product Webpage

product

VulnCheck Advisory: WEBIGniter 28.7.23 Unrestricted File Upload Remote Code Execution

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.