Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-84288
HistoryNov 29, 2022 - 12:00 a.m.

uatech Badaso remote command execution vulnerability

2022-11-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
badaso cms
remote execution
vulnerability
user data validation
unauthenticated attacker
arbitrary code
server security
laravel vue
open source

0.005 Low

EPSS

Percentile

77.0%

JSON

Badaso is an open source Laravel Vue headless CMS. uatech Badaso version 2.6.3 suffers from a remote command execution vulnerability that stems from a failure to properly validate user uploaded data, which could be exploited by an unauthenticated remote attacker to remotely execute arbitrary code on the server.

CPENameOperatorVersion
uatech badasoeq2.6.3

Related

osv 2
prion 1
github 1
cve 1
veracode 1
nvd 1
cvelist 1
osv
osv
CVE-2022-41705
2022-11-25 18:15:10
Badaso vulnerable to Remote Code Execution (RCE)
2022-11-25 18:30:25
prion
prion
Code injection
2022-11-25 18:15:00
github
github
Badaso vulnerable to Remote Code Execution (RCE)
2022-11-25 18:30:25
cve
cve
CVE-2022-41705
2022-11-25 18:15:10
veracode
veracode
Arbitrary Code Execution
2022-11-28 11:01:17
nvd
nvd
CVE-2022-41705
2022-11-25 18:15:10
cvelist
cvelist
CVE-2022-41705
2022-11-25 00:00:00

0.005 Low

EPSS

Percentile

77.0%

JSON
Related for CNVD-2022-84288
osv2prion1github1cve1veracode1nvd1cvelist1