Lucene search
WPScanCVELIST:CVE-2022-1409HistoryMay 16, 2022 - 2:30 p.m.
CVE-2022-1409 VikBooking Hotel Booking Engine & PMS < 1.5.8 - Admin+ PHP File Upload
2022-05-1614:30:58
CWE-434
WPScan
www.cve.org
3
vikbooking
hotel booking engine
pms
wordpress
php file upload
vulnerability
EPSS
0.001
Percentile
42.9%
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code
CNA Affected
[
{
"product": "VikBooking Hotel Booking Engine & PMS",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.5.8",
"status": "affected",
"version": "1.5.8",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
VikBooking Hotel Booking Engine & PMS < 1.5.8 - Admin+ PHP File Upload
2022-04-21 00:00:00
cnvd
cnvd
WordPress VikBooking Hotel Booking Engine
2022-05-18 00:00:00
patchstack
patchstack
nvd
nvd
CVE-2022-1409
2022-05-16 15:15:09
prion
prion
Code injection
2022-05-16 15:15:00
wpexploit
wpexploit
VikBooking Hotel Booking Engine & PMS < 1.5.8 - Admin+ PHP File Upload
2022-04-21 00:00:00
cve
cve
CVE-2022-1409
2022-05-16 15:15:09