Lucene search
MitreCVE-2022-41539HistoryOct 14, 2022 - 5:15 a.m.
CVE-2022-41539
2022-10-1405:15:08
CWE-434
mitre
web.nvd.nist.gov
23
5
cve-2022-41539
wedding planner
vulnerability
arbitrary file upload
admin
php
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
47.3%
Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /admin/users_add.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
Affected configurations
Node
wedding_planner_projectwedding_plannerMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wedding_planner_project | wedding_planner | 1.0 | cpe:2.3:a:wedding_planner_project:wedding_planner:1.0:*:*:*:*:*:*:* |
Social References
More
Related
prion
prion
Privilege escalation
2022-10-14 05:15:00
nvd
nvd
CVE-2022-41539
2022-10-14 05:15:08
cvelist
cvelist
CVE-2022-41539
2022-10-14 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
47.3%
Related for CVE-2022-41539