Описание
Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel.
Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-31854
- https://codoforum.com
- https://github.com/Vikaran101/CVE-2022-31854/blob/main/exploit.py
- https://vikaran101.medium.com/codoforum-v5-1-authenticated-rce-my-first-cve-f49e19b8bc
- http://packetstormsecurity.com/files/167782/CodoForum-5.1-Remote-Code-Execution.html
Связанные уязвимости
CVSS3: 7.2
nvd
больше 3 лет назад
Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel.