exploitDog

CVE-2022-50916

Опубликовано: 13 янв. 2026

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrators to override server files through the Media Manager import functionality. Attackers can exploit the upload mechanism by manipulating the upload URL parameter to overwrite existing files like top.php in the web application directory.

Ссылки

https://e107.org/
Product
https://e107.org/download
Product
https://www.exploit-db.com/exploits/50910
Exploit
Third Party Advisory
VDB Entry
https://www.vulncheck.com/advisories/e-cms-upload-restriction-bypass-authenticated-admin-server-file-override
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:e107:e107:3.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00077

Низкий

7.2 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-c724-26g5-r6m3

CVSS3: 8.8

github

25 дней назад

e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrators to override server files through the Media Manager import functionality. Attackers can exploit the upload mechanism by manipulating the upload URL parameter to overwrite existing files like top.php in the web application directory.

EPSS

Процентиль: 23%

0.00077

Низкий

7.2 High

CVSS3

Дефекты

CWE-434