Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJpcertCVELIST:CVE-2022-42458
HistoryDec 07, 2022 - 12:00 a.m.

CVE-2022-42458

2022-12-0700:00:00
jpcert
www.cve.org
authentication bypass
bingo!cms
remote unauthenticated attacker
arbitrary file upload
arbitrary script execution

9.8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.3%

JSON

Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered.

CNA Affected

[
  {
    "vendor": "Shift Tech Inc.",
    "product": "bingo!CMS",
    "versions": [
      {
        "version": "version1.7.4.1 and earlier",
        "status": "affected"
      }
    ]
  }
]

Related

prion 1
nvd 1
jvn 1
cve 1
attackerkb 1
prion
prion
Path traversal
2022-12-07 10:15:00
nvd
nvd
CVE-2022-42458
2022-12-07 10:15:11
jvn
jvn
JVN#74592196: bingo!CMS vulnerable to authentication bypass
2022-10-11 00:00:00
cve
cve
CVE-2022-42458
2022-12-07 10:15:11
attackerkb
attackerkb
CVE-2022-42458
2022-12-07 00:00:00

9.8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.3%

JSON
Related for CVELIST:CVE-2022-42458
prion1nvd1jvn1cve1attackerkb1