Vulners
Lucene search
CVE-2022-3552
๐๏ธย 17 Oct 2022ย 00:00:00Reported byย @huntrdevTypeย 
ย cve๐ย web.nvd.nist.gov๐ฐ๏ธย 5ย Media mentions๐ย 117ย Views๐ WEB
| Reporter | Title | Published | Views | Family All 17 |
|---|---|---|---|---|
 | BoxBilling <= 4.22.1.5 - Remote Code Execution Vulnerability | 28 Mar 202300:00 | โ | zdt |
 | Exploit for Unrestricted Upload of File with Dangerous Type in Boxbilling | 1 Apr 202311:53 | โ | githubexploit |
| Exploit for Unrestricted Upload of File with Dangerous Type in Boxbilling | 1 Apr 202311:53 | โ | githubexploit |
| Exploit for Unrestricted Upload of File with Dangerous Type in Boxbilling | 27 Apr 202518:37 | โ | githubexploit |
 | BoxBilling <=4.22.1.5 - Authenticated Unrestricted File Upload - RCE | 18 Sep 202211:31 | โ | huntr |
 | CVE-2022-3552 | 18 Oct 202200:13 | โ | circl |
 | BoxBilling ไปฃ็ ้ฎ้ขๆผๆด | 17 Oct 202200:00 | โ | cnnvd |
 | CVE-2022-3552 Unrestricted Upload of File with Dangerous Type in boxbilling/boxbilling | 17 Oct 202200:00 | โ | cvelist |
 | BoxBilling<=4.22.1.5 - Remote Code Execution (RCE) | 28 Mar 202300:00 | โ | exploitdb |
 | CVE-2022-3552 | 17 Oct 202221:15 | โ | nvd |
10
Node
[
{
"vendor": "boxbilling",
"product": "boxbilling/boxbilling",
"versions": [
{
"version": "unspecified",
"lessThan": "0.0.1",
"status": "affected",
"versionType": "custom"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| order_id | request body | /index.php?_url=/api/admin/Filemanager/save_file | Unrestricted file upload leading to remote code execution via admin Filemanager save_file endpoint | CWE-434 |
| path | request body | /index.php?_url=/api/admin/Filemanager/save_file | Unrestricted file upload leading to remote code execution via admin Filemanager save_file endpoint | CWE-434 |
| data | request body | /index.php?_url=/api/admin/Filemanager/save_file | Unrestricted file upload leading to remote code execution via admin Filemanager save_file endpoint | CWE-434 |
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Nov 2024 07:19Current
6.9Medium risk
Vulners AI Score6.9
CVSS 3.17.2
CVSS 37.2
EPSS0.40294
SSVC