Lucene search
MitreCVE-2022-41504HistoryOct 18, 2022 - 2:15 p.m.
CVE-2022-41504
2022-10-1814:15:09
CWE-434
mitre
web.nvd.nist.gov
24
6
cve-2022-41504
arbitrary file upload
component /php_action/editproductimage.php
billing system project v1.0
nvd
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
47.3%
An arbitrary file upload vulnerability in the component /php_action/editProductImage.php of Billing System Project v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
Affected configurations
Node
billing_system_projectbilling_systemMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| billing_system_project | billing_system | 1.0 | cpe:2.3:a:billing_system_project:billing_system:1.0:*:*:*:*:*:*:* |
Social References
More
Related
prion
prion
Privilege escalation
2022-10-18 14:15:00
nvd
nvd
CVE-2022-41504
2022-10-18 14:15:09
cvelist
cvelist
CVE-2022-41504
2022-10-18 00:00:00
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
47.3%
Related for CVE-2022-41504