exploitDog

CVE-2022-50806

Опубликовано: 13 янв. 2026

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php endpoint with a crafted cat_id parameter.

Ссылки

https://www.4homepages.de/
Product
https://www.exploit-db.com/exploits/51147
Exploit
https://www.vulncheck.com/advisories/images-remote-command-execution-rce
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:4homepages:4images:1.9:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.00291

Низкий

7.2 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-r2jm-vp5j-vxhh

CVSS3: 8.8

github

25 дней назад

4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php endpoint with a crafted cat_id parameter.

EPSS

Процентиль: 52%

0.00291

Низкий

7.2 High

CVSS3

Дефекты

CWE-94