Lucene search
GoogleOSV:GHSA-33C9-RPPF-M7FQHistoryOct 07, 2022 - 6:15 p.m.
Backdrop CMS Unrestricted File Upload vulnerability
2022-10-0718:15:39
Google
osv.dev
7
backdrop cms
unrestricted file upload
remote code execution
themes
software
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.081 Low
EPSS
Percentile
94.3%
Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via themes that allows attackers to achieve Remote Code Execution.
Related
cve
cve
CVE-2022-42092
2022-10-07 18:15:23
veracode
veracode
Unrestricted File Upload
2022-10-18 08:38:38
prion
prion
Unrestricted file upload
2022-10-07 18:15:00
github
github
Backdrop CMS Unrestricted File Upload vulnerability
2022-10-07 18:15:39
cvelist
cvelist
CVE-2022-42092
2022-10-07 00:00:00
nvd
nvd
CVE-2022-42092
2022-10-07 18:15:23
osv
osv
CVE-2022-42092
2022-10-07 18:15:23
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.081 Low
EPSS
Percentile
94.3%
Related for OSV:GHSA-33C9-RPPF-M7FQ