exploitDog

CVE-2022-40341

Опубликовано: 30 сент. 2022

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file.

Ссылки

http://mojoportal.com
Product
Vendor Advisory
https://weed-1.gitbook.io/cve/mojoportal/upload-malicious-file-in-mojoportal-v2.7-cve-2022-40341
Exploit
Third Party Advisory
http://mojoportal.com
Product
Vendor Advisory
https://weed-1.gitbook.io/cve/mojoportal/upload-malicious-file-in-mojoportal-v2.7-cve-2022-40341
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mojoportal:mojoportal:2.7.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01329

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

CWE-434

Связанные уязвимости

GHSA-pccj-cvvr-m5xv

CVSS3: 8.8

github

больше 3 лет назад

mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file.

EPSS

Процентиль: 80%

0.01329

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

CWE-434